Abhishek Arya

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 56 **Description** The issue is related to a JavaScript parser vulnerability in Mozilla Firefox, which involves reading data beyond buffer boundaries in memory. This can potentially allow a remote attacker to gain unauthorized access to protected information or cause a denial of service. The vulnerability usually results in a non-exploitable crash but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. **Recommendations** For versions prior to 56, update to version 56 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 56 Firefox ESR versions prior to 52.4 Thunderbird versions prior to 52.4 **Description** A use-after-free issue can occur in the Fetch API when the worker or the associated window are freed while still in use, potentially leading to a crash. This issue may allow a remote attacker to cause a denial of service. **Recommendations** For Firefox versions prior to 56, update to version 56 or later. For Firefox ESR versions prior to 52.4, update to version 52.4 or later. For Thunderbird versions prior to 52.4, update to version 52.4 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 54 Firefox ESR versions prior to 52.2 Thunderbird versions prior to 52.2 **Description** A use-after-free and use-after-scope issue exists when logging errors from headers for XML HTTP Requests (XHR), potentially leading to a crash. This could be exploited by a remote attacker to cause a denial of service. **Recommendations** For Firefox versions prior to 54, update to version 54 or later to resolve the issue. For Firefox ESR versions prior to 52.2, update to version 52.2 or later to resolve the issue. For Thunderbird versions prior to 52.2, update to version 52.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 50 Firefox ESR versions prior to 45.5 Thunderbird versions prior to 45.5 **Description** A heap-buffer-overflow issue in Cairo when processing SVG content, caused by compiler optimization, can result in a potentially exploitable crash. **Recommendations** For Firefox versions prior to 50, update to version 50 or later. For Firefox ESR versions prior to 45.5, update to version 45.5 or later. For Thunderbird versions prior to 45.5, update to version 45.5 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 49.0 Mozilla Firefox ESR 45.x versions prior to 45.4 Thunderbird versions prior to 45.4 **Description** The issue arises from the nsImageGeometryMixin class not properly performing a cast of an unspecified variable during handling of INPUT elements. This allows remote attackers to execute arbitrary code via a crafted web site. **Recommendations** For Mozilla Firefox versions prior to 49.0, update to version 49.0 or later. For Mozilla Firefox ESR 45.x versions prior to 45.4, update to version 45.4 or later. For Thunderbird versions prior to 45.4, update to version 45.4 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 49.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and application crash. This is achieved through text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property, specifically exploiting the PropertyProvider::GetSpacingInternal function. **Recommendations** For versions prior to 49.0, update to version 49.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 48.0 Firefox ESR 45.x versions prior to 45.3 **Description** The issue is related to a use-after-free vulnerability in the `nsXULPopupManager::KeyDown` function. This vulnerability allows attackers to execute arbitrary code or cause a denial of service, such as heap memory corruption and application crash, by leveraging keyboard access to use the Alt key during the selection of top-level menu items. **Recommendations** For Mozilla Firefox versions prior to 48.0, update to version 48.0 or later. For Firefox ESR 45.x versions prior to 45.3, update to version 45.3 or later.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-05-01 on Nexus 5 devices **Description** The issue is related to insufficient input validation in the Qualcomm hardware video codec. This can be exploited by a remote attacker to cause a denial of service, resulting in a device reboot, by using a specially crafted file. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** For Android versions prior to 2016-05-01 on Nexus 5 devices, update the operating system to a version released after 2016-05-01 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions 5.x through 5.1.1 LMY49F Android versions 6.0 through 2016-01-01 **Description** The issue is caused by a buffer overflow in the mediaserver component of the Android operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption) using a specially crafted media file. **Recommendations** For Android versions 5.x through 5.1.1 LMY49F, update to version 5.1.1 LMY49F or later. For Android versions 6.0 through 2016-01-01, apply the patch available after 2016-01-01. As a temporary workaround, consider restricting the use of mediaserver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Android (affected versions not specified) **Description** The issue is caused by a buffer overflow in the mediaserver component of the Android operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption) by using a specially crafted media file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 40.0 Firefox ESR versions prior to 38.2 **Description** The issue is related to a heap-based buffer overflow in the resize context buffers function in libvpx, which can be exploited by remote attackers via malformed WebM video data, potentially allowing them to execute arbitrary code. **Recommendations** For Mozilla Firefox versions prior to 40.0, update to version 40.0 or later. For Firefox ESR versions prior to 38.2, update to version 38.2 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 40.0 Firefox ESR versions prior to 38.2 **Description** The issue is related to the decrease ref count function in the libvpx library, which can be exploited by remote attackers using malformed WebM video data. This can lead to the execution of arbitrary code or cause a denial of service due to an out-of-bounds read. The vulnerability is also described as a buffer overflow. **Recommendations** For Mozilla Firefox versions prior to 40.0, update to version 40.0 or later. For Firefox ESR versions prior to 38.2, update to version 38.2 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 37.0 **Description** The issue is related to the Off Main Thread Compositing (OMTC) implementation, which attempts to use memset for a memory region of negative length during interaction with the `mozilla::layers::BufferTextureClient::AllocateForSurface` function. This allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content. **Recommendations** For versions prior to 37.0, update to version 37.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 37.0 **Description** The issue is related to the Off Main Thread Compositing (OMTC) implementation, which makes an incorrect memset call during interaction with the `mozilla::layers::BufferTextureClient::AllocateForSurface` function. This allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors that trigger rendering of 2D graphics content. **Recommendations** For versions prior to 37.0, update to version 37.0 or later to resolve the issue. As a temporary workaround, consider restricting the rendering of 2D graphics content until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 36.0 Firefox ESR versions prior to 31.5 Thunderbird versions prior to 31.5 **Description** A heap-based buffer overflow issue exists in the mozilla::gfx::CopyRect function, allowing remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic. **Recommendations** For Mozilla Firefox versions prior to 36.0, update to version 36.0 or later. For Firefox ESR versions prior to 31.5, update to version 31.5 or later. For Thunderbird versions prior to 31.5, update to version 31.5 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 25.0 Firefox ESR 24.x versions prior to 24.1 Thunderbird versions prior to 24.1 SeaMonkey versions prior to 2.22 **Description** The issue is related to a use-after-free vulnerability in the `nsContentUtils::ContentIsHostIncludingDescendantOf` function. This vulnerability can be exploited by remote attackers to execute arbitrary code or cause a denial of service, resulting in heap memory corruption. The exploitation vectors involve HTML document templates. **Recommendations** For Mozilla Firefox versions prior to 25.0, update to version 25.0 or later. For Firefox ESR 24.x versions prior to 24.1, update to version 24.1 or later. For Thunderbird versions prior to 24.1, update to version 24.1 or later. For SeaMonkey versions prior to 2.22, update to version 2.22 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 24.0 Firefox ESR versions prior to 17.0.9 Thunderbird versions prior to 24.0 Thunderbird ESR versions prior to 17.0.9 SeaMonkey versions prior to 2.21 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service due to heap memory corruption. This is achieved through vectors involving stylesheet cloning, exploiting a use-after-free vulnerability in the `nsAnimationManager::BuildAnimations` function. **Recommendations** For Mozilla Firefox versions prior to 24.0, update to version 24.0 or later. For Firefox ESR versions prior to 17.0.9, update to version 17.0.9 or later. For Thunderbird versions prior to 24.0, update to version 24.0 or later. For Thunderbird ESR versions prior to 17.0.9, update to version 17.0.9 or later. For SeaMonkey versions prior to 2.21, update to version 2.21 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 22.0 Firefox ESR versions prior to 17.0.7 Thunderbird versions prior to 17.0.7 Thunderbird ESR versions prior to 17.0.7 **Description** A use-after-free issue in the mozilla::ResetDir function allows remote attackers to execute arbitrary code or cause a denial of service due to heap memory corruption via unspecified vectors. **Recommendations** For Mozilla Firefox versions prior to 22.0, update to version 22.0 or later. For Firefox ESR versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird ESR versions prior to 17.0.7, update to version 17.0.7 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 21.0 Firefox ESR 17.x versions prior to 17.0.6 Thunderbird versions prior to 17.0.6 Thunderbird ESR 17.x versions prior to 17.0.6 **Description** A use-after-free issue in the `nsFrameList::FirstChild` function allows remote attackers to execute arbitrary code or cause a denial of service due to heap memory corruption via unspecified vectors. **Recommendations** For Mozilla Firefox versions prior to 21.0, update to version 21.0 or later. For Firefox ESR 17.x versions prior to 17.0.6, update to version 17.0.6 or later. For Thunderbird versions prior to 17.0.6, update to version 17.0.6 or later. For Thunderbird ESR 17.x versions prior to 17.0.6, update to version 17.0.6 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 21.0 Firefox ESR 17.x versions prior to 17.0.6 Thunderbird versions prior to 17.0.6 Thunderbird ESR 17.x versions prior to 17.0.6 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors, related to an out-of-bounds read in the `gfxSkipCharsIterator::SetOffsets` function. **Recommendations** For Mozilla Firefox versions prior to 21.0, update to version 21.0 or later. For Firefox ESR 17.x versions prior to 17.0.6, update to version 17.0.6 or later. For Thunderbird versions prior to 17.0.6, update to version 17.0.6 or later. For Thunderbird ESR 17.x versions prior to 17.0.6, update to version 17.0.6 or later.