7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.019 Low
EPSS
Percentile
88.5%
Severity: Critical
Date : 2018-12-12
CVE-ID : CVE-2018-12405 CVE-2018-12406 CVE-2018-12407 CVE-2018-17466
CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18495
CVE-2018-18497
Package : firefox
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-833
The package firefox before version 64.0-1 is vulnerable to multiple
issues including arbitrary code execution, same-origin policy bypass
and access restriction bypass.
Upgrade to 64.0-1.
The problems have been fixed upstream in version 64.0.
None.
Several memory safety bugs have been found in Firefox < 64.0. Some of
these bugs showed evidence of memory corruption and Mozilla presumes
that with enough effort some of these could be exploited to run
arbitrary code.
Several memory safety bugs have been found in Firefox < 64.0. Some of
these bugs showed evidence of memory corruption and Mozilla presumes
that with enough effort some of these could be exploited to run
arbitrary code.
A buffer overflow has been found in the Angle library used for WebGL
content by Firefox < 64.0, when drawing and validating elements with
the VertexBuffer11 module.
A buffer overflow and out-of-bounds read has been found in the
TextureStorage11 function of the Angle library, as used in the chromium
browser before 70.0.3538.67 and Firefox before 64.0.
A use-after-free has been found in Firefox < 64.0, after deleting a
selection element due to a weak reference to the select element in the
options collection.
A buffer overflow can occur in the Skia library use by Firefox < 64.0,
during buffer offset calculations with hardware accelerated canvas 2D
actions due to the use of 32-bit calculations instead of 64-bit.
A same-origin policy violation has been found in Firefox < 64.0,
allowing the theft of cross-origin URL entries when using the
Javascript location property to cause a redirection to another site
using performance.getEntries().
A security issue has been found in Firefox < 64.0, where WebExtension
content scripts can be loaded into about: pages in some circumstances,
in violation of the permissions granted to extensions. This could allow
an extension to interfere with the loading and usage of these pages and
use capabilities that were intended to be restricted from extensions.
A security issue has been found in Firefox < 64.0, where limitations on
the URIs allowed to WebExtensions by the browser.windows.create API can
be bypassed when a pipe in the URL field is used within the extension
to load multiple pages as a single argument. This could allow a
malicious WebExtension to opened privileged about: or file: locations.
A remote attacker can access sensitive information, bypass security
measures and execute arbitrary code on the affected host.
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12405
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12407
https://bugzilla.mozilla.org/show_bug.cgi?id=1505973
https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=880906
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-17466
https://bugzilla.mozilla.org/show_bug.cgi?id=1488295
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18492
https://bugzilla.mozilla.org/show_bug.cgi?id=1499861
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
https://bugzilla.mozilla.org/show_bug.cgi?id=1504452
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
https://bugzilla.mozilla.org/show_bug.cgi?id=1487964
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
https://bugzilla.mozilla.org/show_bug.cgi?id=1427585
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
https://bugzilla.mozilla.org/show_bug.cgi?id=1488180
https://security.archlinux.org/CVE-2018-12405
https://security.archlinux.org/CVE-2018-12406
https://security.archlinux.org/CVE-2018-12407
https://security.archlinux.org/CVE-2018-17466
https://security.archlinux.org/CVE-2018-18492
https://security.archlinux.org/CVE-2018-18493
https://security.archlinux.org/CVE-2018-18494
https://security.archlinux.org/CVE-2018-18495
https://security.archlinux.org/CVE-2018-18497
bugs.chromium.org/p/chromium/issues/detail?id=880906
bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129
bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471
bugzilla.mozilla.org/show_bug.cgi?id=1427585
bugzilla.mozilla.org/show_bug.cgi?id=1487964
bugzilla.mozilla.org/show_bug.cgi?id=1488180
bugzilla.mozilla.org/show_bug.cgi?id=1488295
bugzilla.mozilla.org/show_bug.cgi?id=1499861
bugzilla.mozilla.org/show_bug.cgi?id=1504452
bugzilla.mozilla.org/show_bug.cgi?id=1505973
chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
security.archlinux.org/AVG-833
security.archlinux.org/CVE-2018-12405
security.archlinux.org/CVE-2018-12406
security.archlinux.org/CVE-2018-12407
security.archlinux.org/CVE-2018-17466
security.archlinux.org/CVE-2018-18492
security.archlinux.org/CVE-2018-18493
security.archlinux.org/CVE-2018-18494
security.archlinux.org/CVE-2018-18495
security.archlinux.org/CVE-2018-18497
www.mozilla.org/en-US/security/advisories/mfsa2018-29/
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12405
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12407
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-17466
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18492
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.019 Low
EPSS
Percentile
88.5%