Markus Stange

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 71 **Description** The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For versions prior to 71, update to version 71 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 52 Thunderbird versions prior to 52 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 52, update to version 52 or later. For Thunderbird versions prior to 52, update to version 52 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 50 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For versions prior to 50, update to version 50 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 50 **Description** The issue allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, which can lead to timing attacks when the images are loaded from third-party locations. **Recommendations** For versions prior to 50, update to a version that contains a fix for this issue to prevent potential timing attacks.