Errata ID | 71 |
---|---|
Date | 2016-01-28 |
Source package | firefox-de |
Fixed in version | 1:38.6.0esr-ucs-4.1.73.201601271001 |
Description | Firefox ESR 38.6 fixes these issues: * Mozilla Firefox allows remote attackers to bypass the Same Origin Policy via data: and view-source: URIs (CVE-2015-7214). * Integer underflow allows remote attackers to execute arbitrary code or cause a denial of service via an MP4 video file with crafted covr metadata (CVE-2015-7222). * Integer overflow allows remote attackers to execute arbitrary code via a crafted MP4 video file (CVE-2015-7213). * Integer underflow might allow remote attackers to obtain sensitive information or cause a denial of service by triggering a crafted WebRTC RTP packet (CVE-2015-7205). * Integer overflow allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation (CVE-2015-7212). * Use-after-free vulnerability allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function (CVE-2015-7210). * Multiple unspecified vulnerabilities in the browser engine allow remote attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors (CVE-2015-7201). * MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (CVE-2015-7575). * Fixes global-buffer-overflow (write) at BufferSubData (CVE-2016-1935). * Several memory safety bugs were fixed (CVE-2016-1930). |
Additional notes | |
CVE ID | CVE-2015-7214 CVE-2015-7222 CVE-2015-7213 CVE-2015-7205 CVE-2015-7212 CVE-2015-7210 CVE-2015-7201 CVE-2015-7575 CVE-2016-1935 CVE-2016-1930 |
UCS Bug number | #40272 |