Mozilla: >> Firefox >> 29.0 Security Vulnerabilities
URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-06-11
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
CVSS Score
8.8
EPSS Score
0.262
Published
2018-06-11
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-06-11
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
CVSS Score
9.8
EPSS Score
0.019
Published
2018-06-11
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS Score
9.8
EPSS Score
0.03
Published
2018-06-11
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.
CVSS Score
9.8
EPSS Score
0.039
Published
2018-06-11
WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent. This vulnerability affects Firefox < 58.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-06-11
Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox < 58.
CVSS Score
5.3
EPSS Score
0.004
Published
2018-06-11
The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. This vulnerability affects Firefox < 58.
CVSS Score
5.3
EPSS Score
0.018
Published
2018-06-11
A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is mitigated by the requirement that the user enter the Blob URL manually in order for the access violation to occur. This vulnerability affects Firefox < 58.
CVSS Score
4.3
EPSS Score
0.003
Published
2018-06-11