Vulnerabilities > Mozilla > Firefox > 2.0.0.5

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5095 Use of Uninitialized Resource vulnerability in multiple products
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM.
network
low complexity
debian redhat mozilla canonical CWE-908
7.5
2018-06-11 CVE-2018-5094 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized.
network
low complexity
mozilla canonical CWE-119
5.0
2018-06-11 CVE-2018-5093 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash.
network
low complexity
mozilla canonical CWE-119
5.0
2018-06-11 CVE-2018-5092 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations.
network
low complexity
mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5091 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5090 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57.
network
low complexity
mozilla canonical CWE-119
critical
10.0
2018-06-11 CVE-2018-5089 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5.
network
low complexity
canonical redhat debian mozilla CWE-119
7.5
2018-06-11 CVE-2017-7845 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content.
network
mozilla microsoft CWE-119
critical
9.3
2018-06-11 CVE-2017-7844 Information Exposure vulnerability in Mozilla Firefox
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history.
network
mozilla CWE-200
4.3
2018-06-11 CVE-2017-7843 Information Exposure vulnerability in multiple products
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely.
network
low complexity
debian mozilla redhat CWE-200
5.0