Boris Zbarsky

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 74 **Description** The issue is related to memory safety and script safety bugs in Firefox, which could potentially lead to memory corruption or escalation of privilege. It is presumed that with sufficient effort, some of these bugs could be exploited to run arbitrary code. The vulnerability is also described as a buffer overflow in memory, which could allow a remote attacker to execute arbitrary code. **Recommendations** For versions prior to 74, update to version 74 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive resources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox ESR versions prior to 60.8 Firefox versions prior to 68 Thunderbird versions prior to 60.8 **Description** The issue arises from insufficient input validation in the document.domain component of Firefox ESR, Firefox, and the Thunderbird email client. This can be exploited by a remote attacker to perform a cross-site scripting attack. When an inner window is reused, it fails to consider the use of `document.domain` for cross-origin protections, allowing pages on different subdomains to inject scripts into arbitrary pages on other subdomains. **Recommendations** For Firefox ESR versions prior to 60.8, update to version 60.8 or later. For Firefox versions prior to 68, update to version 68 or later. For Thunderbird versions prior to 60.8, update to version 60.8 or later.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 64 Description: The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code. It is also described as a buffer overflow vulnerability in memory, allowing a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Recommendations: For versions prior to 64, update to version 64 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and minimizing browser usage until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 63 Firefox ESR versions prior to 60.3 Thunderbird versions prior to 60.3 **Description** The issue is caused by memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code with enough effort. It is also described as a buffer overflow in memory, allowing a remote attacker to execute arbitrary code. **Recommendations** For Firefox versions prior to 63, update to version 63 or later. For Firefox ESR versions prior to 60.3, update to version 60.3 or later. For Thunderbird versions prior to 60.3, update to version 60.3 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 62 Firefox ESR versions prior to 60.2 Thunderbird versions prior to 60.2.1 **Description** The issue is caused by memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code with enough effort. This affects various versions of Firefox, Firefox ESR, and Thunderbird. **Recommendations** For Firefox versions prior to 62, update to version 62 or later. For Firefox ESR versions prior to 60.2, update to version 60.2 or later. For Thunderbird versions prior to 60.2.1, update to version 60.2.1 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 61 **Description** The issue is related to memory safety bugs, which can lead to memory corruption. It is presumed that with sufficient effort, these bugs could be exploited to run arbitrary code, allowing a remote attacker to execute malicious code. **Recommendations** For versions prior to 61, update to version 61 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 57 **Description** The issue is related to a buffer data boundary operation overflow. It may allow a remote attacker to execute arbitrary code. Memory safety bugs were reported, showing evidence of memory corruption, which could potentially be exploited. **Recommendations** For versions prior to 57, update to version 57 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and minimizing browser usage until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 52 Firefox ESR versions prior to 45.8 Thunderbird versions prior to 52 Thunderbird versions prior to 45.8 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 52, update to version 52 or later. For Firefox ESR versions prior to 45.8, update to version 45.8 or later. For Thunderbird versions prior to 52, update to version 52 or later. For Thunderbird versions prior to 45.8, update to version 45.8 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.2 Safari versions prior to 10.0.2 iCloud versions prior to 6.1 iTunes versions prior to 12.5.4 **Description** The issue involves the `WebKit` component and allows remote attackers to obtain sensitive information via a crafted web site. It is related to the lack of protection for service data, which can be exploited by a remote attacker to gain confidential information using a specially formed web site. **Recommendations** For iOS versions prior to 10.2, update to version 10.2 or later. For Safari versions prior to 10.0.2, update to version 10.0.2 or later. For iCloud versions prior to 6.1, update to version 6.1 or later. For iTunes versions prior to 12.5.4, update to version 12.5.4 or later. As a temporary workaround, consider disabling the `WebKit` component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 50.1 Firefox ESR versions prior to 45.6 Thunderbird versions prior to 45.6 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 50.1, update to version 50.1 or later. For Firefox ESR versions prior to 45.6, update to version 45.6 or later. For Thunderbird versions prior to 45.6, update to version 45.6 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 46.0 Mozilla Firefox ESR (affected versions not specified) **Description** The issue is caused by a buffer overflow, potentially allowing a remote attacker to cause a denial of service or execute arbitrary code, resulting in memory corruption and application crash. **Recommendations** For Mozilla Firefox versions prior to 46.0, update to version 46.0 or later to resolve the issue. For Mozilla Firefox ESR, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 46.0 Firefox ESR versions 45.x prior to 45.1 **Description** The issue is caused by buffer overflow vulnerabilities in the browser engine, which can be exploited by a remote attacker to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code. **Recommendations** For Firefox versions prior to 46.0, update to version 46.0 or later. For Firefox ESR versions 45.x prior to 45.1, update to version 45.1 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 40.0 Firefox ESR versions prior to 38.2 **Description** The issue is related to the lack of protection for certain data in Firefox browsers, allowing remote attackers to bypass the Same Origin Policy. This can be achieved via the `reviver` parameter to the `JSON.parse` method. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Mozilla Firefox versions prior to 40.0, update to version 40.0 or later. For Firefox ESR versions prior to 38.2, update to version 38.2 or later. As a temporary workaround, consider restricting the use of the `JSON.parse` method with the `reviver` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 37.0 Firefox ESR versions 31.x prior to 31.6 Thunderbird versions prior to 31.6 **Description** The issue allows a remote attacker to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation. This can be achieved by exploiting the vulnerability in the affected software, allowing the attacker to perform actions with elevated privileges. **Recommendations** For Mozilla Firefox versions prior to 37.0, update to version 37.0 or later to resolve the issue. For Firefox ESR versions 31.x prior to 31.6, update to version 31.6 or later to resolve the issue. For Thunderbird versions prior to 31.6, update to version 31.6 or later to resolve the issue. As a temporary workaround, consider restricting access to anchor navigation in the affected software until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 24.0 Firefox ESR versions prior to 17.0.9 Thunderbird versions prior to 24.0 Thunderbird ESR versions prior to 17.0.9 SeaMonkey versions prior to 2.21 **Description** The issue arises from the improper identification of the `this` object during the use of user-defined getter methods on DOM proxies. This could potentially allow remote attackers to bypass intended access restrictions through vectors involving an expando object. **Recommendations** For Mozilla Firefox versions prior to 24.0, update to version 24.0 or later. For Firefox ESR versions prior to 17.0.9, update to version 17.0.9 or later. For Thunderbird versions prior to 24.0, update to version 24.0 or later. For Thunderbird ESR versions prior to 17.0.9, update to version 17.0.9 or later. For SeaMonkey versions prior to 2.21, update to version 2.21 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 22.0 Firefox ESR versions prior to 17.0.7 Thunderbird versions prior to 17.0.7 Thunderbird ESR versions prior to 17.0.7 **Description** The issue is related to the PreserveWrapper implementation, which does not properly handle the lack of a wrapper. This allows remote attackers to cause a denial of service, resulting in an application crash, or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag. **Recommendations** For Mozilla Firefox versions prior to 22.0, update to version 22.0 or later. For Firefox ESR versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird ESR versions prior to 17.0.7, update to version 17.0.7 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 19.0 Thunderbird versions prior to 17.0.3 SeaMonkey versions prior to 2.16 **Description** The issue allows remote attackers to bypass intended access restrictions. This is due to the failure to prevent multiple wrapping of WebIDL objects. **Recommendations** For Mozilla Firefox versions prior to 19.0, update to version 19.0 or later. For Thunderbird versions prior to 17.0.3, update to version 17.0.3 or later. For SeaMonkey versions prior to 2.16, update to version 2.16 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 18.0 Firefox ESR versions 10.x prior to 10.0.12 and 17.x prior to 17.0.2 Thunderbird versions prior to 17.0.2 Thunderbird ESR versions 10.x prior to 10.0.12 and 17.x prior to 17.0.2 SeaMonkey versions prior to 2.15 **Description** The issue arises from improper implementation of quickstubs that use the `jsval` data type for their return values. This allows remote attackers to execute arbitrary code or cause a denial of service, resulting in a compartment mismatch and application crash, via crafted JavaScript code that is not properly handled during garbage collection. **Recommendations** For Mozilla Firefox versions prior to 18.0, update to version 18.0 or later. For Firefox ESR versions 10.x prior to 10.0.12, update to version 10.0.12 or later. For Firefox ESR versions 17.x prior to 17.0.2, update to version 17.0.2 or later. For Thunderbird versions prior to 17.0.2, update to version 17.0.2 or later. For Thunderbird ESR versions 10.x prior to 10.0.12, update to version 10.0.12 or later. For Thunderbird ESR versions 17.x prior to 17.0.2, update to version 17.0.2 or later. For SeaMonkey versions prior to 2.15, update to version 2.15 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.6.23 Mozilla Firefox versions 4.x through 5 Thunderbird versions prior to 6.0 SeaMonkey versions prior to 2.3 **Description** The issue arises from improper handling of "location" as the name of a frame, allowing remote attackers to bypass the Same Origin Policy via a crafted web site. **Recommendations** For Mozilla Firefox versions prior to 3.6.23, update to version 3.6.23 or later. For Mozilla Firefox versions 4.x through 5, update to a version later than 5. For Thunderbird versions prior to 6.0, update to version 6.0 or later. For SeaMonkey versions prior to 2.3, update to version 2.3 or later.

Name of the Vulnerable Software and Affected Versions: Mozilla Thunderbird versions prior to 2.0.0.18 SeaMonkey versions prior to 1.1.13 Description: The issue allows remote attackers to obtain sensitive information about the recipient, or comments in forwarded mail, via script that reads the `.documentURI` or `.textContent` DOM properties when JavaScript is enabled in mail. Recommendations: For Mozilla Thunderbird versions prior to 2.0.0.18, update to version 2.0.0.18 or later. For SeaMonkey versions prior to 1.1.13, update to version 1.1.13 or later.