Oriol

**Name of the Vulnerable Software and Affected Versions** Firefox versions 50.1 and earlier Firefox ESR versions 45.6 and earlier Thunderbird versions prior to 45.7 **Description** Memory safety bugs were reported, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. **Recommendations** For Firefox versions 50.1 and earlier, update to version 51 or later. For Firefox ESR versions 45.6 and earlier, update to version 45.7 or later. For Thunderbird versions prior to 45.7, update to version 45.7 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 45.0 **Description** The issue is related to the FileReader class in Mozilla Firefox, which has insufficient access control. This can be exploited by a local attacker to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. **Recommendations** For versions prior to 45.0, update to version 45.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the FileReader API until a patch is available.