
Mozilla Firefox ESR < 52.1 Multiple Vulnerabilities

High

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Mozilla Firefox ESR earlier than 52.1 are unpatched for the following vulnerabilities:

- A use-after-free error exists that is related to certain text input selections. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5432)
- A use-after-free error exists in the SMIL animation functions. The issue is triggered when handling animation elements. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5433)
- A use-after-free error exists that is triggered when redirecting focus handling. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5434)
- A use-after-free error exists that is triggered when processing transactions in the editor during design mode interactions. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5435)
- A use-after-free error exists in the 'nsAutoPtr()' function that is triggered during XSLT processing. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5438)
- A use-after-free error exists in the 'Length()' function in 'nsTArray' that is triggered when handling template parameters during XSLT processing. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5439)
- A use-after-free error exists in the 'txExecutionState' destructor that is triggered during the processing of XSLT content. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5440)
- A use-after-free error exists that is triggered when holding a selection during scroll events. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5441)
- A use-after-free error exists that is triggered when changing styles in DOM elements. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5442)
- An out-of-bounds write flaw exists that is triggered during the decoding of improperly formed BinHex format archives. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2017-5443)
- An overflow condition exists that is triggered as certain input is not properly validated when parsing 'application/http-index-format' content. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2017-5444)
- An out-of-bounds read flaw exists that is triggered when handling 'HTTP/2 DATA' connections that send DATA frames with incorrect data content. This may allow a context-dependent attacker to potentially disclose memory contents. (CVE-2017-5446)
- An out-of-bounds read flaw exists that is triggered when processing glyph widths during text layouts. This may allow a context-dependent attacker to potentially disclose memory contents. (CVE-2017-5447)
- An out-of-bounds write flaw exists in the 'ClearKeyDecryptor::Decrypt()' function in 'ClearKeyDecryptionManager.cpp' that is triggered when decrypting Clearkey-encrypted media content. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2017-5448)
- An overflow condition exists in WebGL. The issue is triggered as certain input is not properly validated when handling web content. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2017-5459)
- A use-after-free error exists in frame selection that is triggered when handling a combination of malicious script content and key presses. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-5460)
- An overflow condition exists in Base64 decoding. The issue is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2017-5461)
- A flaw in the DRBG number generation exists that is triggered as internal state V does not correctly carry bits over. This may result in potentially predictable random number generation. (CVE-2017-5462)
- A flaw exists that is triggered as certain input is not properly validated when making changes to DOM content in the accessibility tree. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-5464)
- An out-of-bounds read flaw exists in 'ConvolvePixel' that is triggered when processing specially crafted SVG content. This may allow a context-dependent attacker to potentially disclose memory contents. (CVE-2017-5465)
- Multiple overflow conditions exist in the FLEX generated code. The issue is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2017-5469)
- Multiple unspecified flaws exist that are triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-5429, CVE-2017-5430)

Solution

Upgrade to Firefox version 52.1 or later.