A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
Un proceso hijo IPC comprometido puede escapar el sandbox de contenido y listar los nombres de archivos arbitrarios en el sistema de archivos sin consentimiento o interacción del usuario. Esto podría resultar en la exposición de archivos locales privados. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 60 y la 52.9, Firefox ESR en versiones anteriores a la 60.1 y la 52.9 y Firefox en versiones anteriores a la 61.
USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF protections, obtain sensitive information, or execute arbitrary code. A security issue was discovered with WebExtensions. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain full browser permissions. Various other issues were also addressed.
