Mozilla Firefox is vulnerable to out-of-bound reads. The vulnerability exists in the IsComplete() function in WebGLTexture.cpp that is triggered when handling textures. An unauthenticated, remote attacker can exploit this to disclose memory contents.
www.securityfocus.com/bid/99057
www.securitytracker.com/id/1038689
access.redhat.com/errata/RHSA-2017:1440
access.redhat.com/errata/RHSA-2017:1561
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=1357090
www.debian.org/security/2017/dsa-3881
www.debian.org/security/2017/dsa-3918
www.mozilla.org/en-US/security/advisories/mfsa2017-16/
www.mozilla.org/security/advisories/mfsa2017-15/
www.mozilla.org/security/advisories/mfsa2017-16/
www.mozilla.org/security/advisories/mfsa2017-17/