Уязвимость реализации технологии HTTP/2 браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

An out-of-bounds read when an HTTP/2 connection to a servers sends "DA ...

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Security update for Mozilla Firefox

ELSA-2017-1104: firefox security update (CRITICAL)

Security update for MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk

Security update for MozillaFirefox, mozilla-nss, mozilla-nspr

ELSA-2017-1201: thunderbird security update (IMPORTANT)

ELSA-2017-1106: firefox security update (CRITICAL)

Security update for MozillaFirefox, MozillaFirefox-branding-SLE

Security update for MozillaThunderbird

Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss