Search for packages
| purl | pkg:alpm/archlinux/firefox@49.0-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2bpp-tjhy-aaaj | Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion. |
CVE-2016-5270
|
| VCID-2n2a-v1kj-aaan | The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property. |
CVE-2016-5271
|
| VCID-3cph-2k9r-aaaa | Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image. |
CVE-2016-5278
|
| VCID-584c-kb45-aaaj | The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site. |
CVE-2016-5273
|
| VCID-bx9t-ctvs-aaad | Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority. |
CVE-2016-5284
|
| VCID-ck43-phjd-aaaa | Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation. |
CVE-2016-5277
|
| VCID-dfjg-xtqc-aaah | Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource. |
CVE-2016-5282
|
| VCID-j5pg-w8av-aaag | Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation. |
CVE-2016-5274
|
| VCID-pvbf-s2c7-aaac | Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code. |
CVE-2016-5279
|
| VCID-qvt9-2xmd-aaas | Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document. |
CVE-2016-5281
|
| VCID-su59-uqwb-aaaf | Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute. |
CVE-2016-5276
|
| VCID-tz9z-smtv-aaac | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
CVE-2016-5256
|
| VCID-usee-6um4-aaaj | Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized. |
CVE-2016-5283
|
| VCID-vf7r-npzt-aaam | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
CVE-2016-5257
|
| VCID-z66g-bcdb-aaaa | Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text. |
CVE-2016-5280
|
| VCID-zdmf-25u6-aaah | The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. |
CVE-2016-5272
|
| VCID-zu5u-e25u-aaas | Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering. |
CVE-2016-5275
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:07.241701+00:00 | Arch Linux Importer | Fixing | VCID-tz9z-smtv-aaac | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.206306+00:00 | Arch Linux Importer | Fixing | VCID-vf7r-npzt-aaam | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.171348+00:00 | Arch Linux Importer | Fixing | VCID-2bpp-tjhy-aaaj | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.135299+00:00 | Arch Linux Importer | Fixing | VCID-2n2a-v1kj-aaan | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.100291+00:00 | Arch Linux Importer | Fixing | VCID-zdmf-25u6-aaah | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.063941+00:00 | Arch Linux Importer | Fixing | VCID-584c-kb45-aaaj | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:07.028965+00:00 | Arch Linux Importer | Fixing | VCID-j5pg-w8av-aaag | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.993921+00:00 | Arch Linux Importer | Fixing | VCID-zu5u-e25u-aaas | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.958929+00:00 | Arch Linux Importer | Fixing | VCID-su59-uqwb-aaaf | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.923737+00:00 | Arch Linux Importer | Fixing | VCID-ck43-phjd-aaaa | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.888559+00:00 | Arch Linux Importer | Fixing | VCID-3cph-2k9r-aaaa | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.853437+00:00 | Arch Linux Importer | Fixing | VCID-pvbf-s2c7-aaac | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.820060+00:00 | Arch Linux Importer | Fixing | VCID-z66g-bcdb-aaaa | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.785214+00:00 | Arch Linux Importer | Fixing | VCID-qvt9-2xmd-aaas | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.750147+00:00 | Arch Linux Importer | Fixing | VCID-dfjg-xtqc-aaah | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.715054+00:00 | Arch Linux Importer | Fixing | VCID-usee-6um4-aaaj | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2025-03-28T07:45:06.679139+00:00 | Arch Linux Importer | Fixing | VCID-bx9t-ctvs-aaad | https://security.archlinux.org/AVG-24 | 36.0.0 |
| 2024-09-18T02:00:04.348303+00:00 | Arch Linux Importer | Fixing | VCID-tz9z-smtv-aaac | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.320827+00:00 | Arch Linux Importer | Fixing | VCID-vf7r-npzt-aaam | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.293963+00:00 | Arch Linux Importer | Fixing | VCID-2bpp-tjhy-aaaj | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.267158+00:00 | Arch Linux Importer | Fixing | VCID-2n2a-v1kj-aaan | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.241898+00:00 | Arch Linux Importer | Fixing | VCID-zdmf-25u6-aaah | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.215634+00:00 | Arch Linux Importer | Fixing | VCID-584c-kb45-aaaj | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.188156+00:00 | Arch Linux Importer | Fixing | VCID-j5pg-w8av-aaag | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.161678+00:00 | Arch Linux Importer | Fixing | VCID-zu5u-e25u-aaas | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.134730+00:00 | Arch Linux Importer | Fixing | VCID-su59-uqwb-aaaf | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.107906+00:00 | Arch Linux Importer | Fixing | VCID-ck43-phjd-aaaa | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.083886+00:00 | Arch Linux Importer | Fixing | VCID-3cph-2k9r-aaaa | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.058568+00:00 | Arch Linux Importer | Fixing | VCID-pvbf-s2c7-aaac | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:04.029278+00:00 | Arch Linux Importer | Fixing | VCID-z66g-bcdb-aaaa | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:03.996208+00:00 | Arch Linux Importer | Fixing | VCID-qvt9-2xmd-aaas | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:03.968946+00:00 | Arch Linux Importer | Fixing | VCID-dfjg-xtqc-aaah | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:03.947274+00:00 | Arch Linux Importer | Fixing | VCID-usee-6um4-aaaj | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-09-18T02:00:03.925302+00:00 | Arch Linux Importer | Fixing | VCID-bx9t-ctvs-aaad | https://security.archlinux.org/AVG-24 | 34.0.1 |
| 2024-01-20T12:06:28.256160+00:00 | Arch Linux Importer | Fixing | VCID-tz9z-smtv-aaac | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.234109+00:00 | Arch Linux Importer | Fixing | VCID-vf7r-npzt-aaam | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.211791+00:00 | Arch Linux Importer | Fixing | VCID-2bpp-tjhy-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.189490+00:00 | Arch Linux Importer | Fixing | VCID-2n2a-v1kj-aaan | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.167573+00:00 | Arch Linux Importer | Fixing | VCID-zdmf-25u6-aaah | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.145525+00:00 | Arch Linux Importer | Fixing | VCID-584c-kb45-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.123539+00:00 | Arch Linux Importer | Fixing | VCID-j5pg-w8av-aaag | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.101525+00:00 | Arch Linux Importer | Fixing | VCID-zu5u-e25u-aaas | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.079416+00:00 | Arch Linux Importer | Fixing | VCID-su59-uqwb-aaaf | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.057490+00:00 | Arch Linux Importer | Fixing | VCID-ck43-phjd-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.035566+00:00 | Arch Linux Importer | Fixing | VCID-3cph-2k9r-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:28.013577+00:00 | Arch Linux Importer | Fixing | VCID-pvbf-s2c7-aaac | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:27.991581+00:00 | Arch Linux Importer | Fixing | VCID-z66g-bcdb-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:27.969552+00:00 | Arch Linux Importer | Fixing | VCID-qvt9-2xmd-aaas | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:27.947539+00:00 | Arch Linux Importer | Fixing | VCID-dfjg-xtqc-aaah | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:27.925643+00:00 | Arch Linux Importer | Fixing | VCID-usee-6um4-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-20T12:06:27.903512+00:00 | Arch Linux Importer | Fixing | VCID-bx9t-ctvs-aaad | https://security.archlinux.org/AVG-24 | 34.0.0rc2 |
| 2024-01-03T22:26:19.245485+00:00 | Arch Linux Importer | Fixing | VCID-tz9z-smtv-aaac | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.224226+00:00 | Arch Linux Importer | Fixing | VCID-vf7r-npzt-aaam | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.203008+00:00 | Arch Linux Importer | Fixing | VCID-2bpp-tjhy-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.181774+00:00 | Arch Linux Importer | Fixing | VCID-2n2a-v1kj-aaan | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.157327+00:00 | Arch Linux Importer | Fixing | VCID-zdmf-25u6-aaah | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.133345+00:00 | Arch Linux Importer | Fixing | VCID-584c-kb45-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.109319+00:00 | Arch Linux Importer | Fixing | VCID-j5pg-w8av-aaag | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.081870+00:00 | Arch Linux Importer | Fixing | VCID-zu5u-e25u-aaas | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.055263+00:00 | Arch Linux Importer | Fixing | VCID-su59-uqwb-aaaf | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.030787+00:00 | Arch Linux Importer | Fixing | VCID-ck43-phjd-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:19.003274+00:00 | Arch Linux Importer | Fixing | VCID-3cph-2k9r-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.978797+00:00 | Arch Linux Importer | Fixing | VCID-pvbf-s2c7-aaac | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.951825+00:00 | Arch Linux Importer | Fixing | VCID-z66g-bcdb-aaaa | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.925021+00:00 | Arch Linux Importer | Fixing | VCID-qvt9-2xmd-aaas | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.897722+00:00 | Arch Linux Importer | Fixing | VCID-dfjg-xtqc-aaah | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.876383+00:00 | Arch Linux Importer | Fixing | VCID-usee-6um4-aaaj | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |
| 2024-01-03T22:26:18.855135+00:00 | Arch Linux Importer | Fixing | VCID-bx9t-ctvs-aaad | https://security.archlinux.org/AVG-24 | 34.0.0rc1 |