TTCSIRT-099.031418: TT-CSIRT Advisory – FireFox Security Updates
Mozilla has released a security update stating that the following vulnerabilities have been fixed for FireFox Browser ver 59.0:
a) Buffer overflow manipulating SVG animatedPathSegList – CVE-2018-5127
b) Use-after-free manipulating editor selection ranges – CVE-2018-5128
c) Out-of-bounds write with malformed IPC messages – CVE-2018-5129
d) Mismatched RTP payload type can trigger memory corruption – CVE-2018-5130
e) Fetch API improperly returns cached copies of no-store/no-cache resources – CVE-2018-5131
f) WebExtension Find API can search privileged pages – CVE-2018-5132
| Further information on these vulnerabilities and how they can be mitigated can be found on the Mozilla Website at https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ |