Vulnerabilities > Mozilla > Firefox ESR > 52.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-7792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). | 7.5 |
| 2018-06-11 | CVE-2017-7791 | Improper Input Validation vulnerability in multiple products On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. | 5.0 |
| 2018-06-11 | CVE-2017-7787 | Information Exposure vulnerability in multiple products Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. | 5.0 |
| 2018-06-11 | CVE-2017-7786 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. | 7.5 |
| 2018-06-11 | CVE-2017-7785 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. | 7.5 |
| 2018-06-11 | CVE-2017-7784 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. | 7.5 |
| 2018-06-11 | CVE-2017-7782 | Improper Privilege Management vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. | 5.0 |
| 2018-06-11 | CVE-2017-7779 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. | 10.0 |
| 2018-06-11 | CVE-2017-7778 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. | 7.5 |
| 2018-06-11 | CVE-2017-7768 | Information Exposure vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. | 2.1 |