Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-5158HistoryJun 11, 2018 - 9:29 p.m.
CVE-2018-5158
2018-06-1121:29:00
Debian Security Bug Tracker
security-tracker.debian.org
12
0.019 Low
EPSS
Percentile
88.7%
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 60.0-1 | firefox_60.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 52.8.0esr-1 | firefox-esr_52.8.0esr-1_all.deb |
| Debian | 11 | all | firefox-esr | < 52.8.0esr-1 | firefox-esr_52.8.0esr-1_all.deb |
| Debian | 10 | all | firefox-esr | < 52.8.0esr-1 | firefox-esr_52.8.0esr-1_all.deb |
| Debian | 999 | all | firefox-esr | < 52.8.0esr-1 | firefox-esr_52.8.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 52.8.0esr-1 | firefox-esr_52.8.0esr-1_all.deb |
| Debian | 999 | all | gitlab | < 11.8.6+dfsg-1 | gitlab_11.8.6+dfsg-1_all.deb |
Related
prion
prion
Code injection
2018-06-11 21:29:00
cve
cve
CVE-2018-5158
2018-06-11 21:29:00
redhatcve
redhatcve
CVE-2018-5158
2020-01-29 16:02:26
veracode
veracode
Code Injection
2019-05-16 02:25:17
cvelist
cvelist
CVE-2018-5158
2018-06-11 21:00:00
ubuntucve
ubuntucve
CVE-2018-5158
2018-05-10 00:00:00
github
github
Malicious PDF can inject JavaScript into PDF Viewer
2022-05-14 01:22:02
hackerone
hackerone
Nextcloud: XSS in PDF Viewer
2020-03-16 02:01:22
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 52.8.0-alt1
2018-05-09 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 60.0.1-alt1
2018-06-05 00:00:00
ibm
ibm
nessus
nessus
openSUSE Security Update : Mozilla Firefox (openSUSE-2018-452)
2018-05-11 00:00:00
RHEL 7 : firefox (RHSA-2018:1415)
2018-05-16 00:00:00
Scientific Linux Security Update : firefox on SL7.x x86_64 (20180515)
2018-05-16 00:00:00
openvas
openvas
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2018:1212-1)
2018-05-11 00:00:00
Debian: Security Advisory (DLA-1376-1)
2018-05-13 00:00:00
CentOS Update for firefox CESA-2018:1414 centos6
2018-05-21 00:00:00
centos
centos
firefox security update
2018-05-30 18:23:11
firefox security update
2018-05-17 11:21:53
suse
suse
Security update for Mozilla Firefox (important)
2018-05-11 00:14:24
debian
debian
[SECURITY] [DSA 4199-1] firefox-esr security update
2018-05-10 19:22:03
[SECURITY] [DLA 1376-1] firefox-esr security update
2018-05-11 07:42:53
osv
osv
firefox-esr - security update
2018-05-11 00:00:00
firefox-esr - security update
2018-05-10 00:00:00
redhat
redhat
(RHSA-2018:1415) Critical: firefox security update
2018-05-14 13:22:39
(RHSA-2018:1414) Critical: firefox security update
2018-05-14 13:20:52
oraclelinux
oraclelinux
firefox security update
2018-05-14 00:00:00
firefox security update
2018-05-14 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 52.8 — Mozilla
2018-05-09 00:00:00
Security vulnerabilities fixed in Firefox 60 — Mozilla
2018-05-09 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-05-17 13:54:59
Updated iceaepe packages fix security vulnerability
2018-08-15 18:45:26
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2019-04-01 00:00:00
mozilla -- multiple vulnerabilities
2018-05-09 00:00:00
archlinux
archlinux
[ASA-201805-10] firefox: multiple issues
2018-05-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-05-11 00:00:00
Firefox regression
2018-05-18 00:00:00
kaspersky
kaspersky
KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-05-09 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-10-02 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00