CLD-128 Details

Other IDs this deficiency may be known by:

CVE ID None
Other ID(s) mfsa2017-25, fixed-in-52.5.0

Basic Information:

Affected Package(s) firefox
Deficiency Type SECURITY
Date Created 2017-11-14 10:46:17
Date Last Modified 2017-11-16 11:57:55

Version Specific Information:

Cucumber 1.0 i686fixed in firefox-52.5.0esr-i686-1
Cucumber 1.0 x86_64fixed in firefox-52.5.0esr-x86_64-1

Cucumber 1.1 i686 fixed in firefox-52.5.0esr-i686-1
Cucumber 1.1 x86_64 fixed in firefox-52.5.0esr-x86_64-1

Details:

Details about the vulnerabilities fixed in Firefox 52.5.0 can be found at:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/

This fixes the following CVEs:
	CVE-2017-7828: Use-after-free of PressShell while restyling layout
	CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
	CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5