FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 61.0_1,1
waterfox <
linux-seamonkey < 2.49.4
seamonkey < 2.49.4
60.0,1 <= firefox-esr < 60.1.0_1,1
firefox-esr < 52.9.0_1,1
linux-firefox < 52.9.0,2
libxul < 52.9.0
linux-thunderbird < 52.9.0
thunderbird < 52.9.0


VuXML ID cd81806c-26e7-4d4a-8425-02724a2f48af
Discovery 2018-06-26
Entry 2018-06-26
Modified 2018-07-07

Mozilla Foundation reports:

CVE-2018-12359: Buffer overflow using computed size of canvas element

CVE-2018-12360: Use-after-free when using focus()

CVE-2018-12361: Integer overflow in SwizzleData

CVE-2018-12358: Same-origin bypass using service worker and redirection

CVE-2018-12362: Integer overflow in SSSE3 scaler

CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture

CVE-2018-12363: Use-after-free when appending DOM nodes

CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins

CVE-2018-12365: Compromised IPC child process can list local filenames

CVE-2018-12371: Integer overflow in Skia library during edge builder allocation

CVE-2018-12366: Invalid data handling during QCMS transformations

CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming

CVE-2018-12368: No warning when opening executable SettingContent-ms files

CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments

CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View

CVE-2018-5186: Memory safety bugs fixed in Firefox 61

CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1

CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9


CVE Name CVE-2018-12358
CVE Name CVE-2018-12359
CVE Name CVE-2018-12360
CVE Name CVE-2018-12361
CVE Name CVE-2018-12362
CVE Name CVE-2018-12363
CVE Name CVE-2018-12364
CVE Name CVE-2018-12365
CVE Name CVE-2018-12366
CVE Name CVE-2018-12367
CVE Name CVE-2018-12368
CVE Name CVE-2018-12369
CVE Name CVE-2018-12370
CVE Name CVE-2018-12371
CVE Name CVE-2018-5156
CVE Name CVE-2018-5186
CVE Name CVE-2018-5187
CVE Name CVE-2018-5188