             AUSCERT External Security Bulletin Redistribution

                    mozilla -- multiple vulnerabilities
                                24 May 2019


        AusCERT Security Bulletin Summary

Product:           Firefox
Publisher:         FreeBSD
Operating System:  FreeBSD
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Cross-site Scripting            -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-11701 CVE-2019-11700 CVE-2019-11699
                   CVE-2019-11698 CVE-2019-11697 CVE-2019-11696
                   CVE-2019-11695 CVE-2019-11694 CVE-2019-11693
                   CVE-2019-11692 CVE-2019-11691 CVE-2019-9821
                   CVE-2019-9820 CVE-2019-9819 CVE-2019-9818
                   CVE-2019-9817 CVE-2019-9816 CVE-2019-9815
                   CVE-2019-9814 CVE-2019-9800 CVE-2019-7317

Reference:         ESB-2019.1858

Original Bulletin: 

--------------------------BEGIN INCLUDED TEXT--------------------

mozilla -- multiple vulnerabilities

Affected packages (installed version below the listed one is affected)
        firefox             < 67.0,1
        waterfox            < 56.2.10
        linux-seamonkey     < 2.49.5
        seamonkey           < 2.49.5
        firefox-esr         < 60.7.0,1
        linux-firefox       < 60.7.0,2
        libxul              < 60.7.0
        linux-thunderbird   < 60.7.0
        thunderbird         < 60.7.0

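The thresholds above use FreeBSD ports version strings, where a trailing ",N" is the epoch and "_N" a port revision; a plain "67.0" without epoch is still below "67.0,1". The following check is an added example, not part of the bulletin or of the FreeBSD VuXML tooling: it compares a constructed "pkg info"-style package listing against the table, using a simplified comparison (epoch, then dotted numeric version, then revision) that is an assumption rather than the full pkg algorithm.

```python
import re

# Fixed-in thresholds copied from the bulletin's "Affected packages" block:
# an installed version strictly below the threshold is affected.
AFFECTED = {
    "firefox": "67.0,1", "waterfox": "56.2.10",
    "linux-seamonkey": "2.49.5", "seamonkey": "2.49.5",
    "firefox-esr": "60.7.0,1", "linux-firefox": "60.7.0,2",
    "libxul": "60.7.0", "linux-thunderbird": "60.7.0", "thunderbird": "60.7.0",
}

def version_key(v):
    """Comparison key for a ports version string VERSION[_REVISION][,EPOCH].
    Assumption (simplified pkg semantics): epoch wins over version, and
    version wins over revision; dotted components compare numerically."""
    epoch = 0
    if "," in v:
        v, e = v.split(",", 1)
        epoch = int(e)
    revision = 0
    if "_" in v:
        v, r = v.split("_", 1)
        revision = int(r)
    parts = []
    for comp in v.split("."):
        m = re.match(r"(\d*)(.*)", comp)
        parts.append((int(m.group(1) or 0), m.group(2)))
    while len(parts) < 4:  # pad so that 60.7 compares equal to 60.7.0
        parts.append((0, ""))
    return (epoch, tuple(parts), revision)

def is_affected(pkg, installed):
    """True if pkg is in the bulletin's table and installed < fixed version."""
    fixed = AFFECTED.get(pkg)
    return fixed is not None and version_key(installed) < version_key(fixed)

def audit(pkg_info_lines):
    """Check 'name-version' lines (pkg info style) against the thresholds."""
    hits = []
    for line in pkg_info_lines:
        name, version = line.strip().rsplit("-", 1)
        if is_affected(name, version):
            hits.append(name)
    return hits

# Constructed sample of an installed-package listing (not real host data).
SAMPLE = ["firefox-66.0.5,1", "firefox-esr-60.6.3,1", "thunderbird-60.7.0",
          "linux-firefox-60.7.0_1,2", "libxul-60.7", "vim-8.1.1"]

if __name__ == "__main__":
    print(audit(SAMPLE))  # firefox and firefox-esr are below their thresholds
```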

VuXML ID    44b6dfbf-4ef7-4d52-ad52-2b1b05d81272
Discovery   2019-05-21
Entry       2019-05-22

Mozilla Foundation reports:

    CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS

    CVE-2019-9816: Type confusion with object groups and UnboxedObjects

    CVE-2019-9817: Stealing of cross-domain images using canvas

    CVE-2019-9818: Use-after-free in crash generation server

    CVE-2019-9819: Compartment mismatch with fetch API

    CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

    CVE-2019-9821: Use-after-free in AssertWorkerThread

    CVE-2019-11691: Use-after-free in XMLHttpRequest

    CVE-2019-11692: Use-after-free removing listeners in the event listener manager

    CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux

    CVE-2019-7317: Use-after-free in png_image_free of libpng library

    CVE-2019-11694: Uninitialized memory leakage in Windows sandbox

    CVE-2019-11695: Custom cursor can render over user interface outside of web content

    CVE-2019-11696: Java web start .JNLP files are not recognized as executable files for download prompts

    CVE-2019-11697: Pressing key combinations can bypass installation prompt delays and install extensions

    CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks

    CVE-2019-11700: res: protocol can be used to open known local files

    CVE-2019-11699: Incorrect domain name highlighting during page navigation

    CVE-2019-11701: webcal: protocol default handler loads vulnerable web page

    CVE-2019-9814: Memory safety bugs fixed in Firefox 67

    CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7

CVE Names   CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694
            CVE-2019-11695 CVE-2019-11696 CVE-2019-11697 CVE-2019-11698
            CVE-2019-11699 CVE-2019-11700 CVE-2019-11701 CVE-2019-7317
            CVE-2019-9800  CVE-2019-9814  CVE-2019-9815  CVE-2019-9816
            CVE-2019-9817  CVE-2019-9818  CVE-2019-9819  CVE-2019-9820
            CVE-2019-9821
URL         https://www.mozilla.org/security/advisories/mfsa2019-13/
URL         https://www.mozilla.org/security/advisories/mfsa2019-14/
URL         https://www.mozilla.org/security/advisories/mfsa2019-15/

Copyright 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:


Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: http://www.auscert.org.au/render.html?it=1967