TTCSIRT-099.031418: TT-CSIRT Advisory – FireFox Security Updates

TTCSIRT-099.031418: TT-CSIRT Advisory – FireFox Security Updates

Mozilla has released a security update stating that the following vulnerabilities have been fixed for FireFox Browser ver 59.0:

a) Buffer overflow manipulating SVG animatedPathSegList – CVE-2018-5127

b) Use-after-free manipulating editor selection ranges – CVE-2018-5128

c) Out-of-bounds write with malformed IPC messages – CVE-2018-5129

d) Mismatched RTP payload type can trigger memory corruption – CVE-2018-5130

e) Fetch API improperly returns cached copies of no-store/no-cache resources – CVE-2018-5131

f) WebExtension Find API can search privileged pages – CVE-2018-5132

Further information on these vulnerabilities and how they can be mitigated can be found on the Mozilla Website at https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/