Kartikaya Gupta

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 55 Firefox ESR versions prior to 52.3 Thunderbird versions prior to 52.3 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 55, update to version 55 or later. For Firefox ESR versions prior to 52.3, update to version 52.3 or later. For Thunderbird versions prior to 52.3, update to version 52.3 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox OS versions prior to 2.2 **Description** The issue is related to insufficient access restrictions in Mozilla Firefox OS, which can be exploited by man-in-the-middle attackers to bypass intended access restrictions. This can be achieved by spoofing an external web server URL embedded in the System process, specifically in the COPPA error page within the Accounts setup dialog. **Recommendations** For versions prior to 2.2, update to version 2.2 or later to resolve the issue.