Package details: pkg:mozilla/Firefox%20ESR@45.2.0
purl pkg:mozilla/Firefox%20ESR@45.2.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (8)
| Vulnerability | Summary | Aliases |
| --- | --- | --- |
| VCID-4gwx-75uj-tyep | Mozilla community member jomo reported a use-after-free crash when processing WebGL content. This issue was caused by the use of a texture after its recycle pool has been destroyed during WebGL operations, which frees the memory associated with the texture. This results in a potentially exploitable crash when the texture is later called. | CVE-2016-2828 |
| VCID-bd3j-r1wt-dyf4 | Security researcher sushi Anton Larsson reported that when paired fullscreen and pointerlock requests are done in combination with closing windows, a pointerlock can be created within a fullscreen window without user permission. This pointerlock cannot then be cancelled without terminating the browser, resulting in a persistent denial of service attack. This can also be used for spoofing and clickjacking attacks against the browser UI. | CVE-2016-2831 |
| VCID-bp6q-cu6s-2ke7 | Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. | CVE-2016-2818 |
| VCID-ev18-anej-zbap | Security researcher Jordi Chancel reported a method to spoof the contents of the addressbar. This uses a persistent menu within a <select> element, which acts as a container for HTML content and can be placed in an arbitrary location. When placed over the addressbar, this can mask the true site URL, allowing for spoofing by a malicious site. | CVE-2016-2822 |
| VCID-k813-qahc-ubf4 | Security researcher Aral reported an out-of-bounds write when using the ANGLE graphics library, which is used for WebGL content on Windows systems. This crash occurs due to improper size checking while writing to an array during some WebGL shader operations. The ANGLE graphics library is only used on Windows. Linux, OS X, and Android operating systems are not affected by this vulnerability. | CVE-2016-2824 |
| VCID-kvkh-dxw4-rfde | Security researcher firehack reported a buffer overflow when parsing HTML5 fragments in a foreign context such as under an <svg> node. This results in a potentially exploitable crash when inserting an HTML fragment into an existing document. | CVE-2016-2819 |
| VCID-qu9b-rst3-v7fa | Security researcher Frédéric Hoguin reported a mechanism where the Mozilla Windows updater could be used to overwrite arbitrary files. He found that files extracted by the updater from a MAR archive are not locked for writing and can be overwritten by other processes while the updater is running. A malicious local program could invoke the updater and then interfere with the extracted files, replacing them with its own. This vulnerability could be used for privilege escalation if these overwritten files were later invoked by other Windows components that had higher privileges. This issue does not affect non-Windows operating systems. | CVE-2016-2826 |
| VCID-sr99-hhmv-xkhq | Security researcher firehack used the Address Sanitizer tool to discover a use-after-free in contenteditable mode. This occurs when deleting document object model (DOM) table elements created within the editor and results in a potentially exploitable crash. | CVE-2016-2821 |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
| --- | --- | --- | --- | --- | --- |
| 2026-04-01T13:17:32.304972+00:00 | Mozilla Importer | Fixing | VCID-bd3j-r1wt-dyf4 | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-58.md | 38.0.0 |
| 2026-04-01T13:17:32.010788+00:00 | Mozilla Importer | Fixing | VCID-k813-qahc-ubf4 | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-53.md | 38.0.0 |
| 2026-04-01T13:17:31.484148+00:00 | Mozilla Importer | Fixing | VCID-ev18-anej-zbap | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-52.md | 38.0.0 |
| 2026-04-01T13:17:30.983033+00:00 | Mozilla Importer | Fixing | VCID-4gwx-75uj-tyep | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-56.md | 38.0.0 |
| 2026-04-01T13:17:30.151325+00:00 | Mozilla Importer | Fixing | VCID-bp6q-cu6s-2ke7 | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-49.md | 38.0.0 |
| 2026-04-01T13:17:29.825979+00:00 | Mozilla Importer | Fixing | VCID-kvkh-dxw4-rfde | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-50.md | 38.0.0 |
| 2026-04-01T13:17:29.774699+00:00 | Mozilla Importer | Fixing | VCID-qu9b-rst3-v7fa | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-55.md | 38.0.0 |
| 2026-04-01T13:17:29.600712+00:00 | Mozilla Importer | Fixing | VCID-sr99-hhmv-xkhq | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-51.md | 38.0.0 |