Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-130


Mozilla Firefox Multiple Vulnerabilities
Severity Rating: High
Systems Affected:
  • Mozilla Firefox version prior to 56.0
Description
Multiple vulnerabilities have been identified in Mozilla Firefox and can be exploited by remote attackers to cause execution of arbitrary code, obtain potentially sensitive information, spoof URLs and conduct cross-site scripting attacks. The vulnerabilities reported are as follows:
  • A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.
 
  • A use-after-free memory error may occur in the Fetch API.
 
  • A use-after-free memory error may occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers via the DOM.
 
  • A use-after-free memory error may occur in design mode when image objects are resized.
 
  • A buffer overflow may occur when drawing and validating elements with the ANGLE graphics library
 
  • A use-after-free memory error may occur during TLS 1.2 exchanges.
 
  • A remote user can create specially crafted content that, when dragged onto the browser tab bar, will open files stored on the target user's system.
 
  • Other memory corruption errors may occur.
 
  • A remote user can trigger an integer truncation flaw in the JavaScript parser to read data outside of the buffer.
 
  • The content security policy (CSP) sandbox directive may not create a unique origin for a document. A remote user can exploit this to conduct cross-scripting attacks.
 
  • A remote user can bypass phishing and malware protection warnings via 'blob:' and 'data:' URL elements.
 
  • A remote user can cause some Tibetan and Arabic characters in several fonts to be displayed as whitespace, which may allow domain spoofing attacks.
 
  • A remote user can invoke the 'data:' protocol within an iframe to spoof a modal dialog's origin.
 
  • A remote user can invoke WebExtensions to load an 'about:' privileged URL.
 
  • A remote user can invoke WebExtensions to download and attempt to open a file of some non-executable file types without user interaction.
 
  • The WebCrypto API AES-GCM implementation accepts 0-length IV. A remote user may be able to exploit this to determine the authentication key in certain cases.
 
  • A remote user may be able to bypass the Xray wrapper mechanism.
 
  • A remote user can spoof the address bar via fullscreen mode.
  
Solution
Users are advised to apply updates.
More information is available on:
 
Vendor Information
Mozilla
CVE Information
List of other CVE Information is available on:
References
Mozilla Security Bulletin
Security Tracker
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis