Jujjyl

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 48.0 **Description** The issue is related to a use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function. This vulnerability can be exploited by remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection. **Recommendations** For versions prior to 48.0, update to version 48.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 45.0 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, potentially allowing remote attackers to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code. The vulnerabilities are related to vectors involving the js/src/jit/arm/Assembler-arm.cpp function, among other unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 45.0, update to version 45.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the js/src/jit/arm/Assembler-arm.cpp function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 40.0 Firefox ESR versions prior to 38.2 **Description** The issue is caused by a buffer overflow in the `js::jit::AssemblerX86Shared::lock addl` function. This can be exploited by a remote attacker to cause a denial of service by manipulating shared memory and accessing certain objects, such as Atomics or SharedArrayBuffer objects. **Recommendations** For Firefox versions prior to 40.0, update to version 40.0 or later to resolve the issue. For Firefox ESR versions prior to 38.2, update to version 38.2 or later to resolve the issue. As a temporary workaround, consider restricting access to shared memory to minimize the risk of exploitation.