Chamal De Silva

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.2.14 FFmpeg versions 4.x prior to 4.1.4 **Description** The issue is related to the lack of error checking in the sscanf function in the libavformat library of the FFmpeg multimedia environment. This can lead to the use of uninitialized variables. Exploitation of this issue may allow a remote attacker to compromise data integrity, gain unauthorized access to protected information, and cause a denial of service. **Recommendations** For FFmpeg versions prior to 3.2.14, update to version 3.2.14 or later. For FFmpeg versions 4.x prior to 4.1.4, update to version 4.1.4 or later. As a temporary workaround, consider restricting access to the `aa read header` function in `libavformat/aadec.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 7.1.27 PHP versions 7.2.x prior to 7.2.16 PHP versions 7.3.x prior to 7.3.3 **Description** The issue is related to an uninitialized read in the EXIF component of PHP, which can be exploited by a remote attacker to execute arbitrary PHP code. This is due to the use of an uninitialized resource in the exif process IFD in TIFF function. **Recommendations** For PHP versions prior to 7.1.27, update to version 7.1.27 or later. For PHP versions 7.2.x prior to 7.2.16, update to version 7.2.16 or later. For PHP versions 7.3.x prior to 7.3.3, update to version 7.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.1 Firefox ESR versions prior to 52.1 Firefox versions prior to 53 Firefox ESR versions prior to 45.9 **Description** A buffer overflow vulnerability occurs while parsing "application/http-index-format" format content when the header contains improperly formatted data, allowing for an out-of-bounds read of data from memory. The vulnerability is related to the implementation of the `nsDirIndexParser::ParseData` method in the `nsDirIndexParser.cpp` file, which can lead to a buffer overflow in memory. This issue can be exploited by a remote attacker to gain access to protected information. **Recommendations** For Thunderbird versions prior to 52.1, update to version 52.1 or later. For Firefox ESR versions prior to 52.1, update to version 52.1 or later. For Firefox versions prior to 53, update to version 53 or later. For Firefox ESR versions prior to 45.9, update to version 45.9 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.1 Firefox ESR versions prior to 52.1 Firefox ESR versions prior to 45.9 Firefox versions prior to 53 **Description** The issue is related to the parsing of "application/http-index-format" format content, where uninitialized values are used to create an array, potentially allowing the reading of uninitialized memory into the affected arrays. This could enable a remote attacker to access protected information due to a lack of checking during array indexing in the nsDirIndexParser::ParseFormat method. **Recommendations** For Thunderbird versions prior to 52.1, update to version 52.1 or later. For Firefox ESR versions prior to 52.1, update to version 52.1 or later. For Firefox ESR versions prior to 45.9, update to version 45.9 or later. For Firefox versions prior to 53, update to version 53 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.1 Firefox ESR versions prior to 52.1 Firefox versions prior to 53 **Description** The issue is related to an out-of-bounds write vulnerability that occurs while decoding improperly formed BinHex format archives. This can lead to a denial of service. The vulnerability is also associated with the use of memory after it has been freed, specifically in the `ProcessNextState` method, when decoding malformed BinHex archives. **Recommendations** For Thunderbird versions prior to 52.1, update to version 52.1 or later. For Firefox ESR versions prior to 52.1, update to version 52.1 or later. For Firefox versions prior to 53, update to version 53 or later.

**Name of the Vulnerable Software and Affected Versions** IcedTea-Web plugin versions prior to 1.2.1 **Description** The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page. This occurs because the getFirstInTableInstance function returns an uninitialized pointer when the instance to id map hash is empty, causing an uninitialized memory location to be read. **Recommendations** For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to web pages that could potentially exploit this issue until the update is applied.