Jerri Rice

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 53 ALT Linux (affected versions not specified) **Description** The issue is related to an incorrect ownership model of `privateBrowsing` information, which is exposed through developer tools. This can cause a non-exploitable crash when manually triggered during debugging. **Recommendations** For Firefox versions prior to 53, update to version 53 or later to resolve the issue. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 52 Firefox ESR versions prior to 45.8 Thunderbird versions prior to 52 Thunderbird versions prior to 45.8 **Description** The issue is related to memory corruption that can cause a potentially exploitable crash during the garbage collection of JavaScript. This is due to errors in managing incremental sweeping for memory cleanup. **Recommendations** For Firefox versions prior to 52, update to version 52 or later. For Firefox ESR versions prior to 45.8, update to version 45.8 or later. For Thunderbird versions prior to 52, update to version 52 or later. For Thunderbird versions prior to 45.8, update to version 45.8 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 51 **Description** The feed preview for RSS feeds can be exploited to capture errors and exceptions generated by privileged content. This allows for the exposure of internal information that is not intended to be seen by web content. **Recommendations** For versions prior to 51, update to version 51 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 45.7 Firefox ESR versions prior to 45.7 Firefox versions prior to 51 **Description** The JSON viewer in the Developer Tools uses insecure methods to create a communication channel, potentially allowing for privilege escalation. **Recommendations** For Thunderbird versions prior to 45.7, update to version 45.7 or later. For Firefox ESR versions prior to 45.7, update to version 45.7 or later. For Firefox versions prior to 51, update to version 51 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 51 **Description** The issue concerns the loading of privileged "about:" pages in an iframe by special "about:" pages used by web content, such as RSS feeds. This could potentially allow for privilege escalation if a content-injection bug were found in one of those pages. **Recommendations** For versions prior to 51, update to version 51 or later to resolve the issue.