Vulnerabilities > Mozilla > Firefox ESR > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5396 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. | 9.8 |
| 2018-06-11 | CVE-2017-5398 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Thunderbird 45.7. | 9.8 |
| 2018-06-11 | CVE-2017-5400 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. | 9.8 |
| 2018-06-11 | CVE-2017-5401 | 7PK - Errors vulnerability in multiple products A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. | 9.8 |
| 2018-06-11 | CVE-2017-5402 | Use After Free vulnerability in multiple products A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. | 9.8 |
| 2018-06-11 | CVE-2017-5404 | Use After Free vulnerability in multiple products A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. | 9.8 |
| 2018-06-11 | CVE-2017-5410 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. | 9.8 |
| 2018-06-11 | CVE-2017-5428 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. | 9.8 |
| 2018-06-11 | CVE-2017-5429 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. | 9.8 |
| 2018-06-11 | CVE-2017-5430 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. | 9.8 |