Security Advisories for Firefox ESR 38
Firefox ESR 38 is unsupported. Please upgrade to the latest version.
Impact key
- Critical Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
- High Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
- Moderate Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
- Low Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)
# Fixed in Firefox ESR 38.8
- 2016-47 Write to invalid HashMap entry through JavaScript.watch()
- 2016-44 Buffer overflow in libstagefright with CENC offsets
- 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
- 2016-36 Use-after-free during processing of DER encoded keys in NSS
- 2016-29 Same-origin policy violation using performance.getEntries and history navigation with session restore
- 2016-15 Use-after-free in NSS during SSL connections in low memory
- 2016-07 Errors in mp_div and mp_exptmod cryptographic functions in NSS
# Fixed in Firefox ESR 38.7
- 2016-37 Font vulnerabilities in the Graphite 2 library
- 2016-35 Buffer overflow during ASN.1 decoding in NSS
- 2016-34 Out-of-bounds read in HTML parser following a failed allocation
- 2016-31 Memory corruption with malicious NPAPI plugin
- 2016-28 Addressbar spoofing though history navigation and Location protocol property
- 2016-27 Use-after-free during XML transformations
- 2016-25 Use-after-free when using multiple WebRTC data channels
- 2016-24 Use-after-free in SetBody
- 2016-23 Use-after-free in HTML5 string parser
- 2016-21 Displayed page address can be overridden
- 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
- 2016-17 Local file overwriting and potential privilege escalation through CSP reports
- 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
- 2015-136 Same-origin policy violation using performance.getEntries and history navigation
- 2015-81 Use-after-free in MediaStream playback
# Fixed in Firefox ESR 38.6.1
# Fixed in Firefox ESR 38.6
- 2016-03 Buffer overflow in WebGL after out of memory allocation
- 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
- 2015-150 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
# Fixed in Firefox ESR 38.5
- 2015-149 Cross-site reading attack through data and view-source URIs
- 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
- 2015-146 Integer overflow in MP4 playback in 64-bit versions
- 2015-145 Underflow through code inspection
- 2015-139 Integer overflow allocating extremely large textures
- 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
- 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
# Fixed in Firefox ESR 38.4
- 2015-133 NSS and NSPR memory corruption issues
- 2015-132 Mixed content WebSocket policy bypass through workers
- 2015-131 Vulnerabilities found through code inspection
- 2015-130 JavaScript garbage collection crash with Java applet
- 2015-128 Memory corruption in libjar through zip files
- 2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
- 2015-123 Buffer overflow during image interactions in canvas
- 2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
- 2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
# Fixed in Firefox ESR 38.3
- 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
- 2015-112 Vulnerabilities found through code inspection
- 2015-111 Errors in the handling of CORS preflight request headers
- 2015-110 Dragging and dropping images exposes final URL after redirects
- 2015-106 Use-after-free while manipulating HTML media content
- 2015-105 Buffer overflow while decoding WebM video
- 2015-101 Buffer overflow in libvpx while parsing vp9 format video
- 2015-100 Arbitrary file manipulation by local user through Mozilla updater
- 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
# Fixed in Firefox ESR 38.2.1
- 2015-95 Add-on notification bypass through data URLs
- 2015-94 Use-after-free when resizing canvas element during restyling
# Fixed in Firefox ESR 38.2
- 2015-92 Use-after-free in XMLHttpRequest with shared workers
- 2015-90 Vulnerabilities found through code inspection
- 2015-89 Buffer overflows on Libvpx when decoding WebM video
- 2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
- 2015-87 Crash when using shared memory in JavaScript
- 2015-85 Out-of-bounds write with Updater and malicious MAR file
- 2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
- 2015-83 Overflow issues in libstagefright
- 2015-82 Redefinition of non-configurable JavaScript object properties
- 2015-80 Out-of-bounds read with malformed MP3 file
- 2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
# Fixed in Firefox ESR 38.1.1
# Fixed in Firefox ESR 38.1
- 2015-71 NSS incorrectly permits skipping of ServerKeyExchange
- 2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites
- 2015-69 Privilege escalation through internal workers
- 2015-67 Key pinning is ignored when overridable errors are encountered
- 2015-66 Vulnerabilities found through code inspection
- 2015-65 Use-after-free in workers while using XMLHttpRequest
- 2015-64 ECDSA signature validation fails to handle some signatures correctly
- 2015-63 Use-after-free in Content Policy due to microtask execution error
- 2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio
- 2015-61 Type confusion in Indexed Database Manager
- 2015-60 Local files or privileged URLs in pages can be opened into new tabs
- 2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)