Ticket #23409: vuln_hist_esr52

File vuln_hist_esr52, 1.9 KB (added by gk, 2 years ago)
Line 
1Up to and including ESR 52.0.1 (April 26 2016-March 17 2017)
2============================================================
3
4This covers sec-high and sec-crit issues within the following timeframe
5
6April 26 + June 7 + August 2 + September 20 + October 20 + November 28 +
7November 30 + December 13 + January 24 + February 9 + March 7 + March 17
8
9JS (GC + Engine) 42
10JIT 14
11Audio/Video
12Audio/Video (Stagefright)
13Audio/Video (GMP)
14Audio/Video: MediaStreamGraph 4
15Audio/Video: Playback 5
16Graphics 7
17Graphics (SVG involved)
18Graphics:Layers 7
19Graphics:Text (woff2)
20Graphics:Text 2 (harfbuzz)
21WebRTC 2
22WebRTC:Networking 2
23WebRTC:Audio/Video 3
24DOM 14
25DOM (SVG effects)
26DOm (Android)
27DOM:Service Workers 7
28DOM:Animation 5
29DOM:Workers 2
30DOM:Core&HTML 3
31DOM:Device Interfaces 1
32DOM:Events 1
33DOM:Security 1
34DOM:CSS Object Model 1
35Layout 3
36Layout:View Rendering 2
37Layout:Text (SVG involved) 1
38Layout:Text 1
39Layout:Web Painting 1
40Networking 6
41Networking:HTTP 3
42Networking:Cache 1
43Networking:WebSockets 1
44Disability Access APIs 4
45Spelling Checker 3
46ImageLib 3
47HTML:Parser 3
48Canvas:WebGL 3
49Canvas:2D 4
50SVG 3
51Application Update 3
52Addons-Manager 1
53Security:Process Sandboxing 1
54Security:PSM 1
55Editor 1
56Document Navigation 1
57XSLT 1
58Printing:Output 1
59XPCOM 1
60Selection 1
61Plug-ins 1
62CSS:Parsing and Computation 1
63Rewriting and Analysis 1
64Widget Cocoa 1
65Tabbed Browser 1
66Developer Tools:JSON Viewer 1
67WebExtensions:Request Handling 1
68General (Firefox for Android) 1
69
70UAF 74
71Integer overflow 4
72OOB read/write 5
73heap-buffer-overflow 1
74buffer overflow 37
75uninitialized value 1
76wild pointer 1
77unitiliaized value 1
78double-free 1
79type confusion 1
80bad case 1
81data leak 12
82privilege escalation 5
83
84Notes:
85------
86
87-UAFs are by far the most problematic vulnerabilities
88-there might be more heap buffer overflows in the "buffer overflows" category
89-where I could not track down the vulnerability type by skimming the bug report and reading the advisory I left it out (while I previously mentioned things like "Assertion")