Vulnerabilities > Mozilla > Firefox ESR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5445 | Improper Validation of Array Index vulnerability in multiple products A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. | 5.0 |
| 2018-06-11 | CVE-2017-5444 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. | 5.0 |
| 2018-06-11 | CVE-2017-5443 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. | 7.5 |
| 2018-06-11 | CVE-2017-5442 | Use After Free vulnerability in multiple products A use-after-free vulnerability during changes in style when manipulating DOM elements. | 7.5 |
| 2018-06-11 | CVE-2017-5441 | Use After Free vulnerability in multiple products A use-after-free vulnerability when holding a selection during scroll events. | 7.5 |
| 2018-06-11 | CVE-2017-5440 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. | 7.5 |
| 2018-06-11 | CVE-2017-5439 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. | 7.5 |
| 2018-06-11 | CVE-2017-5438 | Use After Free vulnerability in multiple products A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. | 7.5 |
| 2018-06-11 | CVE-2017-5436 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. | 6.8 |
| 2018-06-11 | CVE-2017-5435 | Use After Free vulnerability in multiple products A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. | 7.5 |