[3.6] firefox-esr: Security vulnerabilities (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396)| ID: oval:org.secpod.oval:def:1800216 | Date: (C)2018-03-28 (M)2023-12-07 |
| Class: PATCH | Family: unix |
CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP CVE-2017-5376: Use-after-free in XSL CVE-2017-5378: Pointer and frame data leakage of Javascript objects CVE-2017-5380: Potential use-after-free during DOM manipulations CVE-2017-5383: Location bar spoofing with unicode characters CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer CVE-2017-5396: Use-after-free with Media Decoder Fixed in: Firefox ESR 45.7
| Platform: |
| Alpine Linux 3.6 |
