logo
DATABASE RESOURCES PRICING ABOUT US

Firefox vulnerabilities

Description

Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5289, CVE-2016-5290) A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. (CVE-2016-5291) A crash was discovered when parsing URLs in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code. (CVE-2016-5292) A heap buffer-overflow was discovered in Cairo when processing SVG content. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5296) An error was discovered in argument length checking in Javascript. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5297) An integer overflow was discovered in the Expat library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2016-9063) It was discovered that addon updates failed to verify that the addon ID inside the signed package matched the ID of the addon being updated. An attacker that could perform a machine-in-the-middle (MITM) attack could potentially exploit this to provide malicious addon updates. (CVE-2016-9064) A buffer overflow was discovered in nsScriptLoadHandler. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9066) 2 use-after-free bugs were discovered during DOM operations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9067, CVE-2016-9069) A heap use-after-free was discovered during web animations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9068) It was discovered that a page loaded in to the sidebar through a bookmark could reference a privileged chrome window. An attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-9070) An issue was discovered with Content Security Policy (CSP) in combination with HTTP to HTTPS redirection. An attacker could potentially exploit this to verify whether a site is within the user's browsing history. (CVE-2016-9071) An issue was discovered with the windows.create() WebExtensions API. If a user were tricked in to installing a malicious extension, an attacker could potentially exploit this to escape the WebExtensions sandbox. (CVE-2016-9073) It was discovered that WebExtensions can use the mozAddonManager API. An attacker could potentially exploit this to install additional extensions without user permission. (CVE-2016-9075) It was discovered that element dropdown menus can cover location bar content when e10s is enabled. An attacker could potentially exploit this to conduct UI spoofing attacks. (CVE-2016-9076) It was discovered that canvas allows the use of the feDisplacementMap filter on cross-origin images. An attacker could potentially exploit this to conduct timing attacks. (CVE-2016-9077)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 16.10 firefox 50.0+build2-0ubuntu0.16.10.2
Ubuntu 16.04 firefox 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-dbg 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-dbgsym 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-dev 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-globalmenu 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-af 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-an 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ar 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-as 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ast 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-az 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-be 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-bg 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-bn 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-br 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-bs 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ca 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-cs 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-csb 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-cy 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-da 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-de 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-el 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-en 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-eo 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-es 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-et 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-eu 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-fa 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-fi 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-fr 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-fy 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ga 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-gd 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-gl 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-gn 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-gu 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-he 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-hi 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-hr 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-hsb 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-hu 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-hy 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-id 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-is 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-it 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ja 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ka 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-kk 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-km 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-kn 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ko 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ku 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-lg 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-lt 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-lv 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-mai 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-mk 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ml 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-mn 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-mr 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ms 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-nb 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-nl 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-nn 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-nso 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-oc 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-or 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-pa 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-pl 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-pt 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ro 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ru 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-si 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sk 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sl 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sq 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sr 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sv 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-sw 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-ta 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-te 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-th 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-tr 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-uk 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-uz 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-vi 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-xh 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-zh-hans 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-zh-hant 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-locale-zu 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-mozsymbols 50.0+build2-0ubuntu0.16.04.2
Ubuntu 16.04 firefox-testsuite 50.0+build2-0ubuntu0.16.04.2
Ubuntu 14.04 firefox 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-dbg 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-dev 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-globalmenu 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-af 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-an 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ar 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-as 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ast 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-be 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-bg 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-bn 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-br 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-bs 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ca 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-cs 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-csb 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-cy 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-da 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-de 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-el 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-en 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-eo 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-es 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-et 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-eu 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-fa 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-fi 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-fr 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-fy 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ga 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-gd 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-gl 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-gu 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-he 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-hi 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-hr 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-hu 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-hy 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-id 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-is 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-it 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ja 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ka 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-kk 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-km 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-kn 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ko 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ku 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-lg 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-lt 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-lv 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-mai 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-mk 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ml 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-mn 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-mr 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ms 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-nb 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-nl 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-nn 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-nso 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-oc 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-or 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-pa 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-pl 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-pt 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ro 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ru 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-si 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sk 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sl 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sq 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sr 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sv 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-sw 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-ta 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-te 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-th 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-tr 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-uk 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-vi 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-xh 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-zh-hans 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-zh-hant 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-locale-zu 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-mozsymbols 50.0+build2-0ubuntu0.14.04.2
Ubuntu 14.04 firefox-testsuite 50.0+build2-0ubuntu0.14.04.2
Ubuntu 12.04 firefox 50.0+build2-0ubuntu0.12.04.2

Related