Vulnerabilities > Mozilla > Firefox ESR > 52.7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-12362 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. | 8.8 |
| 2018-10-18 | CVE-2018-12361 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the SwizzleData code while calculating buffer sizes. | 8.8 |
| 2018-10-18 | CVE-2018-12360 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. | 8.8 |
| 2018-10-18 | CVE-2018-12359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. | 8.8 |
| 2018-06-11 | CVE-2018-5183 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers backported selected changes in the Skia library. | 9.8 |
| 2018-06-11 | CVE-2018-5178 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. | 8.1 |
| 2018-06-11 | CVE-2018-5174 | Unspecified vulnerability in Mozilla products In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. | 7.5 |
| 2018-06-11 | CVE-2018-5168 | Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. | 5.3 |
| 2018-06-11 | CVE-2018-5159 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. | 9.8 |
| 2018-06-11 | CVE-2018-5158 | Code Injection vulnerability in multiple products The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. | 8.8 |