Vulnerability category: Local
Vulnerability severity:
Vulnerability information
Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.
The Mozilla Foundation has released updates to address multiple vulnerabilities in Firefox.
A heap overflow may occur in nsCaseTransformTextRunFactory::TransformString() [CVE-2016-5270].
An invalid cast may occur in nsImageGeometryMixin() [CVE-2016-5272].
A use-after-free memory error may occur in mozilla::a11y::DocAccessible::ProcessInvalidationList() [CVE-2016-5276].
A use-after-free memory error may occur in nsFrameManager::CaptureFrameState() [CVE-2016-5274].
A use-after-free memory error may occur in nsRefreshDriver::Tick() [CVE-2016-5277].
A buffer overflow may occur in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions() [CVE-2016-5275].
A buffer overflow may occur in nsBMPEncoder::AddImageFrame() [CVE-2016-5278].
A use-after-free memory error may occur in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap() [CVE-2016-5280].
A use-after-free memory error may occur in DOMSVGLength() [CVE-2016-5281].
Various other errors may occur [CVE-2016-5256, CVE-2016-5257].
An out-of-bounds memory read error may occur in mozilla::net::IsValidReferrerPolicy() [CVE-2016-2827].
An error may occur in mozilla::a11y::HyperTextAccessible::GetChildOffset() [CVE-2016-5273].
An out-of-bounds read error may occur in PropertyProvider::GetSpacingInternal() [CVE-2016-5271].
A full path disclosure may occur after a drag and drop operation [CVE-2016-5279].
A favicon can be loaded via non-whitelisted protocols [CVE-2016-5282].
A cross-origin 'iframe src' tag fragment timing attack may disclose data [CVE-2016-5283].
Affected Versions:
Mozilla Firefox versions prior to 49
Mozilla Firefox ESR versions prior to 45.4
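The affected-version boundaries above (release builds before 49, ESR builds before 45.4) are the one thing in this advisory a defender can act on mechanically. The following is an added triage helper, not code from the advisory or from Mozilla: it parses Firefox version strings as they appear in an asset inventory or in `firefox --version` output, tells the ESR branch apart from the release branch, and flags hosts that still run an affected build. It assumes ESR builds identify themselves with an "esr" suffix (as in "45.3.0esr"); the inventory at the bottom is constructed sample data.

```python
import re

# Fixed versions stated in the advisory: release 49, ESR 45.4.
FIXED_RELEASE = (49, 0, 0)
FIXED_ESR = (45, 4, 0)

# Matches "48.0.2", "45.3", "45.3.0esr" and "Mozilla Firefox 45.3.0esr".
# The optional "esr" suffix is an assumption about how ESR builds report
# themselves; adjust if your inventory records the branch differently.
_VERSION_RE = re.compile(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*(esr)?$", re.IGNORECASE)


def parse_version(text):
    """Return ((major, minor, patch), is_esr) for a Firefox version string.

    Missing minor/patch components are treated as 0. Raises ValueError when
    the string does not end in something that looks like a version.
    """
    match = _VERSION_RE.search(text.strip())
    if not match:
        raise ValueError("unrecognised Firefox version: %r" % text)
    major, minor, patch, esr = match.groups()
    version = tuple(int(part) if part else 0 for part in (major, minor, patch))
    return version, esr is not None


def is_affected(text):
    """True if the build described by `text` predates the fixed version
    on its own branch (ESR builds are compared against 45.4, not 49)."""
    version, esr = parse_version(text)
    fixed = FIXED_ESR if esr else FIXED_RELEASE
    return version < fixed


def triage(inventory):
    """Map hostname -> True/False for an {hostname: version_string} inventory.

    Unparseable entries are reported as True (affected) so that a host with a
    broken or missing version record is investigated rather than ignored.
    """
    result = {}
    for host, version_text in inventory.items():
        try:
            result[host] = is_affected(version_text)
        except ValueError:
            result[host] = True
    return result


# Constructed sample inventory for demonstration only.
SAMPLE_INVENTORY = {
    "ws-01": "Mozilla Firefox 48.0.2",   # release branch, before 49
    "ws-02": "49.0",                     # release branch, fixed
    "srv-03": "45.3.0esr",               # ESR branch, before 45.4
    "srv-04": "45.4.0esr",               # ESR branch, fixed
    "kiosk-05": "unknown",               # no usable version record
}

if __name__ == "__main__":
    for host, affected in sorted(triage(SAMPLE_INVENTORY).items()):
        print("%-9s %s" % (host, "AFFECTED" if affected else "ok"))
```

The branch distinction matters: a naive "version < 49" check would mark every ESR 45.4 host as vulnerable and every ESR 45.3 host as well, but for the wrong reason, while a plain "version >= 45.4" check would clear release build 48.0.2. Comparing each build against the fixed version on its own branch avoids both mistakes.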
Impact
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause the target application to crash.
A remote user can obtain potentially sensitive information on the target system.
Solution
The vendor has released advisories and updates to fix these vulnerabilities. Refer to Mozilla Security Advisories for more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities: