Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArchLinuxASA-201812-9
HistoryDec 12, 2018 - 12:00 a.m.

[ASA-201812-9] firefox: multiple issues

2018-12-1200:00:00
security.archlinux.org
27

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.019 Low

EPSS

Percentile

88.5%

JSON

Arch Linux Security Advisory ASA-201812-9

Severity: Critical
Date : 2018-12-12
CVE-ID : CVE-2018-12405 CVE-2018-12406 CVE-2018-12407 CVE-2018-17466
CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18495
CVE-2018-18497
Package : firefox
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-833

Summary

The package firefox before version 64.0-1 is vulnerable to multiple
issues including arbitrary code execution, same-origin policy bypass
and access restriction bypass.

Resolution

Upgrade to 64.0-1.

pacman -Syu “firefox>=64.0-1”

The problems have been fixed upstream in version 64.0.

Workaround

None.

Description

  • CVE-2018-12405 (arbitrary code execution)

Several memory safety bugs have been found in Firefox < 64.0. Some of
these bugs showed evidence of memory corruption and Mozilla presumes
that with enough effort some of these could be exploited to run
arbitrary code.

  • CVE-2018-12406 (arbitrary code execution)

Several memory safety bugs have been found in Firefox < 64.0. Some of
these bugs showed evidence of memory corruption and Mozilla presumes
that with enough effort some of these could be exploited to run
arbitrary code.

  • CVE-2018-12407 (arbitrary code execution)

A buffer overflow has been found in the Angle library used for WebGL
content by Firefox < 64.0, when drawing and validating elements with
the VertexBuffer11 module.

  • CVE-2018-17466 (arbitrary code execution)

A buffer overflow and out-of-bounds read has been found in the
TextureStorage11 function of the Angle library, as used in the chromium
browser before 70.0.3538.67 and Firefox before 64.0.

  • CVE-2018-18492 (arbitrary code execution)

A use-after-free has been found in Firefox < 64.0, after deleting a
selection element due to a weak reference to the select element in the
options collection.

  • CVE-2018-18493 (arbitrary code execution)

A buffer overflow can occur in the Skia library use by Firefox < 64.0,
during buffer offset calculations with hardware accelerated canvas 2D
actions due to the use of 32-bit calculations instead of 64-bit.

  • CVE-2018-18494 (same-origin policy bypass)

A same-origin policy violation has been found in Firefox < 64.0,
allowing the theft of cross-origin URL entries when using the
Javascript location property to cause a redirection to another site
using performance.getEntries().

  • CVE-2018-18495 (access restriction bypass)

A security issue has been found in Firefox < 64.0, where WebExtension
content scripts can be loaded into about: pages in some circumstances,
in violation of the permissions granted to extensions. This could allow
an extension to interfere with the loading and usage of these pages and
use capabilities that were intended to be restricted from extensions.

  • CVE-2018-18497 (access restriction bypass)

A security issue has been found in Firefox < 64.0, where limitations on
the URIs allowed to WebExtensions by the browser.windows.create API can
be bypassed when a pipe in the URL field is used within the extension
to load multiple pages as a single argument. This could allow a
malicious WebExtension to opened privileged about: or file: locations.

Impact

A remote attacker can access sensitive information, bypass security
measures and execute arbitrary code on the affected host.

References

https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12405
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12407
https://bugzilla.mozilla.org/show_bug.cgi?id=1505973
https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=880906
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-17466
https://bugzilla.mozilla.org/show_bug.cgi?id=1488295
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18492
https://bugzilla.mozilla.org/show_bug.cgi?id=1499861
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
https://bugzilla.mozilla.org/show_bug.cgi?id=1504452
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
https://bugzilla.mozilla.org/show_bug.cgi?id=1487964
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
https://bugzilla.mozilla.org/show_bug.cgi?id=1427585
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
https://bugzilla.mozilla.org/show_bug.cgi?id=1488180
https://security.archlinux.org/CVE-2018-12405
https://security.archlinux.org/CVE-2018-12406
https://security.archlinux.org/CVE-2018-12407
https://security.archlinux.org/CVE-2018-17466
https://security.archlinux.org/CVE-2018-18492
https://security.archlinux.org/CVE-2018-18493
https://security.archlinux.org/CVE-2018-18494
https://security.archlinux.org/CVE-2018-18495
https://security.archlinux.org/CVE-2018-18497

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyfirefox< 64.0-1UNKNOWN

References

Related

openvas 29
ubuntu 2
nessus 55
freebsd 1
mozilla 3
oraclelinux 4
centos 4
redhat 5
osv 4
debian 4
altlinux 2
kaspersky 2
slackware 1
suse 5
ibm 1
amazon 1
mageia 1
gentoo 1
redhatcve 9
debiancve 9
cvelist 9
prion 9
cve 9
nvd 9
ubuntucve 9
attackerkb 1
veracode 6
myhack58 1
threatpost 1
archlinux 1
chrome 1
openvas
openvas
Ubuntu: Security Advisory (USN-3844-1)
2018-12-12 00:00:00
Mozilla Firefox Security Advisory (MFSA2018-29) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-28, MFSA2018-30) - Mac OS X
2018-12-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-12-11 00:00:00
Thunderbird vulnerabilities
2019-01-24 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3844-1)
2018-12-13 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (d10b49b2-8d02-49e8-afde-0844626317af)
2018-12-13 00:00:00
Mozilla Firefox < 64.0 Multiple Vulnerabilities (macOS) (deprecated)
2018-12-12 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-12-11 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 64 — Mozilla
2018-12-11 00:00:00
Security vulnerabilities fixed in Thunderbird 60.4 — Mozilla
2018-12-21 00:00:00
Security vulnerabilities fixed in Firefox ESR 60.4 — Mozilla
2018-12-11 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2019-01-25 00:00:00
firefox security update
2018-12-18 00:00:00
thunderbird security update
2019-01-25 00:00:00
centos
centos
thunderbird security update
2019-02-01 23:12:43
thunderbird security update
2019-02-01 23:14:30
firefox security update
2018-12-21 19:08:51
redhat
redhat
(RHSA-2018:3831) Critical: firefox security update
2018-12-17 13:56:10
(RHSA-2019:0160) Important: thunderbird security update
2019-01-24 21:48:12
(RHSA-2018:3833) Critical: firefox security update
2018-12-17 14:10:13
osv
osv
thunderbird - security update
2019-01-02 00:00:00
thunderbird - security update
2019-01-01 00:00:00
firefox-esr - security update
2018-12-13 00:00:00
debian
debian
[SECURITY] [DLA 1605-1] firefox-esr security update
2018-12-13 09:12:03
[SECURITY] [DSA 4354-1] firefox-esr security update
2018-12-12 21:08:52
[SECURITY] [DSA 4330-1] chromium-browser security update
2018-11-02 11:47:45
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.4.0-alt1
2018-12-11 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 60.4.0-alt1
2018-12-24 00:00:00
kaspersky
kaspersky
KLA11389 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-12-11 00:00:00
KLA11406 Multiple vulnerabilities in Mozilla Thunderbird
2018-12-21 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2018-12-12 04:59:01
suse
suse
Security update for Mozilla Firefox (important)
2018-12-13 12:09:13
Security update for MozillaThunderbird (important)
2019-02-14 00:00:00
Security update for MozillaThunderbird (important)
2019-02-26 00:00:00
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2019-05-02 08:10:01
amazon
amazon
Critical: thunderbird
2019-03-07 05:55:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-12-16 00:29:48
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2019-03-10 00:00:00
redhatcve
redhatcve
CVE-2018-18495
2019-04-04 08:50:14
CVE-2018-18497
2019-04-04 07:50:17
CVE-2018-12407
2019-03-26 13:49:48
debiancve
debiancve
CVE-2018-18495
2019-02-28 18:29:01
CVE-2018-18497
2019-02-28 18:29:01
CVE-2018-12407
2019-02-28 18:29:01
cvelist
cvelist
CVE-2018-18495
2019-02-28 18:00:00
CVE-2018-18497
2019-02-28 18:00:00
CVE-2018-12407
2019-02-28 18:00:00
prion
prion
Spoofing
2019-02-28 18:29:00
Design/Logic Flaw
2019-02-28 18:29:00
Buffer overflow
2019-02-28 18:29:00
cve
cve
CVE-2018-18497
2019-02-28 18:29:01
CVE-2018-18495
2019-02-28 18:29:01
CVE-2018-12407
2019-02-28 18:29:01
nvd
nvd
CVE-2018-12407
2019-02-28 18:29:01
CVE-2018-18495
2019-02-28 18:29:01
CVE-2018-18497
2019-02-28 18:29:01
ubuntucve
ubuntucve
CVE-2018-12407
2018-12-11 00:00:00
CVE-2018-18495
2018-12-11 00:00:00
CVE-2018-18497
2018-12-11 00:00:00
attackerkb
attackerkb
CVE-2018-18492: Mozilla Firefox Select Element Use-After-Free
2019-02-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:23:44
Insecure Same-Origin Policy
2019-05-16 03:23:45
Denial Of Service (DoS)
2019-05-16 03:23:44
myhack58
myhack58
Each rush of the weekend, all need to work together light getting tired of the twice cooked pork to enrich their inexplicable restlessness-vulnerability warning-the black bar safety net
2019-07-08 00:00:00
threatpost
threatpost
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
2018-10-17 14:04:48
archlinux
archlinux
[ASA-201810-12] chromium: multiple issues
2018-10-17 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2018-10-16 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.019 Low

EPSS

Percentile

88.5%

JSON
Related for ASA-201812-9
openvas29ubuntu2nessus55freebsd1mozilla3oraclelinux4centos4redhat5osv4debian4altlinux2kaspersky2slackware1suse5ibm1amazon1mageia1gentoo1redhatcve9debiancve9cvelist9prion9cve9nvd9ubuntucve9attackerkb1veracode6myhack581threatpost1archlinux1chrome1