[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764, CVE-2017-7778)ID: oval:org.secpod.oval:def:1800108 | Date: (C)2018-03-28 (M)2021-11-24 |
Class: PATCH | Family: unix |
CVE-2017-5470: Memory safety bugs CVE-2017-5472: Use-after-free using destroyed node when regenerating trees CVE-2017-7749: Use-after-free during docshell reloading CVE-2017-7750: Use-after-free with track elements CVE-2017-7751: Use-after-free with content viewer listeners CVE-2017-7752: Use-after-free with IME input CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors CVE-2017-7757: Use-after-free in IndexedDB CVE-2017-7758: Out-of-bounds read in Opus encoder CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks CVE-2017-7778: Vulnerabilities in the Graphite 2 library Fixed in: Firefox ESR 52.2
Platform: |
Alpine Linux 3.6 |