Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - Windows

27 Jun 2018 00:00:00 | Reported by: Copyright (C) 2018 Greenbone AG | Type: openvas | Source: plugins.openvas.org

Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - Windows. Vulnerabilities include buffer overflow, use-after-free, integer overflow, compromised IPC, media recorder segmentation fault, invalid data handling, warning bypass, and memory safety bugs. Successful exploitation leads to remote code execution, sensitive information disclosure, and denial of service.

# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:mozilla:firefox_esr";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.813621");
  script_version("2024-02-15T05:05:40+0000");
  script_cve_id("CVE-2018-12359", "CVE-2018-12360", "CVE-2018-12361", "CVE-2018-12362",
                "CVE-2018-5188", "CVE-2018-5156", "CVE-2018-12363", "CVE-2018-12364",
                "CVE-2018-12365", "CVE-2018-12371", "CVE-2018-12366", "CVE-2018-12367",
                "CVE-2018-12368", "CVE-2018-12369", "CVE-2018-5187");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-10-03 00:03:00 +0000 (Thu, 03 Oct 2019)");
  script_tag(name:"creation_date", value:"2018-06-27 16:04:11 +0530 (Wed, 27 Jun 2018)");
  script_name("Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - Windows");

  script_tag(name:"summary", value:"Mozilla Firefox ESR is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to:

  - Buffer overflow error using computed size of canvas element.

  - Multiple use-after-free errors.

  - Multiple integer overflow errors.

  - Compromised IPC child process can list local filenames.

  - Media recorder segmentation fault error when track type is changed during capture.

  - Invalid data handling during QCMS transformations.

  - No warning when opening executable SettingContent-ms files.

  - Timing attack mitigation of PerformanceNavigationTiming.

  - WebExtensions bundled with embedded experiments were not correctly checked
    for proper authorization.

  - Memory safety bugs.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to run arbitrary code, bypass CSRF protections, disclose sensitive
  information and cause denial of service condition.");

  script_tag(name:"affected", value:"Mozilla Firefox ESR version before
  60.1 on Windows.");

  script_tag(name:"solution", value:"Update to Mozilla Firefox ESR version
  60.1 or later. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"registry");
  script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2018-16");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_family("General");
  script_dependencies("gb_firefox_detect_win.nasl", "gb_firefox_detect_portable_win.nasl");
  script_mandatory_keys("Firefox-ESR/Win/Ver");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

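# Look up the Firefox ESR version and install path recorded by the
# detection scripts listed in script_dependencies; stop if none was found.
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

# Flag installs in the 60.0.0 - 60.0.2 range (both bounds inclusive).
if(version_in_range(version:vers, test_version:"60.0.0", test_version2:"60.0.2")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"60.1", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

# Version was checked and is outside the flagged range.
exit(99);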
