TTCSIRT-138.062918: TT-CSIRT Advisory – Mozilla Security Updates
Mozilla has released a security update stating that it has discovered the following vulnerabilities Firefox ESR 52.9:
a) Buffer overflow using computed size of canvas element – CVE-2018-12359.
b) Use-after-free when using focus() – CVE-2018-12360.
c) Integer overflow in SSSE3 scaler – CVE-2018-12362.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution.
| Further information on these vulnerabilities and how they can be mitigated can be found on the Mozilla Website at https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/ |