Mozilla developers and community members Andreea Pavel, Christian Holler, Honza Bambas, Jason Kratzer, and Jeff Gilbert reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Tag: Mozilla
ASA-2019-00449 – Mozilla Firefox: Memory safety bugs
Mozilla developers and community members André Bargull, Christian Holler, Natalia Csoregi, Raul Gurzau, Daniel Varga, Jon Coppeard, Marcia Knous, Gary Kwong, Randell Jesup, David Bolter, Jeff Gilbert, and Deian Stefan reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
ASA-2019-00448 – Mozilla Firefox: Port scanning through Alt-Svc header
The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded.
ASA-2019-00447 – Mozilla Firefox: PKCS#1 v1.5 signatures can be used for TLS 1.3
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.
ASA-2019-00446 – Mozilla Firefox: Websocket resources bypass safebrowsing protections
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections.
ASA-2019-00445 – Mozilla Firefox: Retired site input.mozilla.org has remote troubleshooting permissions
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks.
ASA-2019-00444 – Mozilla Firefox: Cookie leakage during add-on fetching across private browsing boundaries
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension.
ASA-2019-00442 – Mozilla Firefox: Domain spoofing through unicode latin ‘kra’ character
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.