Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox Security Advisory (MFSA2017-05) - Linux
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is missing a security update for Mozilla Firefox.
Insight
Insight
CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5401: Memory Corruption when handling ErrorResult A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable. CVE-2017-5402: Use-after-free working with events in FontFace objects A use-after-free can occur when events are fired for a FontFace object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. CVE-2017-5404: Use-after-free working with ranges in selections A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. CVE-2017-5406: Segmentation fault in Skia with canvas operations A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. CVE-2017-5411: Use-after-free in Buffer Storage in libGLES A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in libGLES, which is only in use on Windows. Other operating systems are not affected. CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other ... [Please see the references for more information on the vulnerabilities]
Affected Software
Affected Software
Firefox version(s) below 52.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
The vendor has released an update. Please see the reference(s) for more information.
Common Vulnerabilities and Exposures (CVE)
- CVE-2017-5398
- CVE-2017-5399
- CVE-2017-5400
- CVE-2017-5401
- CVE-2017-5402
- CVE-2017-5403
- CVE-2017-5404
- CVE-2017-5405
- CVE-2017-5406
- CVE-2017-5407
- CVE-2017-5408
- CVE-2017-5409
- CVE-2017-5410
- CVE-2017-5411
- CVE-2017-5412
- CVE-2017-5413
- CVE-2017-5414
- CVE-2017-5415
- CVE-2017-5416
- CVE-2017-5417
- CVE-2017-5418
- CVE-2017-5419
- CVE-2017-5420
- CVE-2017-5421
- CVE-2017-5422
- CVE-2017-5425
- CVE-2017-5426
- CVE-2017-5427
References
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C13
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C12
- https://bugzilla.mozilla.org/show_bug.cgi?id=1257361
- https://bugzilla.mozilla.org/show_bug.cgi?id=1284395
- https://bugzilla.mozilla.org/show_bug.cgi?id=1295002
- https://bugzilla.mozilla.org/show_bug.cgi?id=1295542
- https://bugzilla.mozilla.org/show_bug.cgi?id=1301876
- https://bugzilla.mozilla.org/show_bug.cgi?id=1306890
- https://bugzilla.mozilla.org/show_bug.cgi?id=1312243
- https://bugzilla.mozilla.org/show_bug.cgi?id=1313711
- https://bugzilla.mozilla.org/show_bug.cgi?id=1319370
- https://bugzilla.mozilla.org/show_bug.cgi?id=1321719
- https://bugzilla.mozilla.org/show_bug.cgi?id=1321814
- https://bugzilla.mozilla.org/show_bug.cgi?id=1322716
- https://bugzilla.mozilla.org/show_bug.cgi?id=1325511
- https://bugzilla.mozilla.org/show_bug.cgi?id=1328121
- https://bugzilla.mozilla.org/show_bug.cgi?id=1328323
- https://bugzilla.mozilla.org/show_bug.cgi?id=1328861
- https://bugzilla.mozilla.org/show_bug.cgi?id=1330687
- https://bugzilla.mozilla.org/show_bug.cgi?id=1334876
- https://bugzilla.mozilla.org/show_bug.cgi?id=1334933
- https://bugzilla.mozilla.org/show_bug.cgi?id=1336622
- https://bugzilla.mozilla.org/show_bug.cgi?id=1336699
- https://bugzilla.mozilla.org/show_bug.cgi?id=1337504
- https://bugzilla.mozilla.org/show_bug.cgi?id=1338876
- https://bugzilla.mozilla.org/show_bug.cgi?id=1340138
- https://bugzilla.mozilla.org/show_bug.cgi?id=1340186
- https://bugzilla.mozilla.org/show_bug.cgi?id=791597