Related Vulnerabilities: CVE-2018-5168  


Severity: Medium

Remote: Yes

Type: Access restriction bypass

Description

Sites can bypass the permission checks for installing lightweight themes in Firefox before 60.0 and Thunderbird before 52.8 by manipulating the baseURI property of the theme element. This could allow a malicious site to install, without user interaction, a theme that could contain offensive or embarrassing images.

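| Group | Package | Affected | Fixed | Severity | Status |
|---|---|---|---|---|---|
| AVG-707 | thunderbird | 52.7.0-2 | 52.8.0-1 | Critical | Fixed |
| AVG-693 | firefox | 59.0.2-3 | 60.0-1 | Critical | Fixed |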

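| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 21 May 2018 | ASA-201805-21 | AVG-707 | thunderbird | Critical | multiple issues |
| 13 May 2018 | ASA-201805-10 | AVG-693 | firefox | Critical | multiple issues |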

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5168
https://bugzilla.mozilla.org/show_bug.cgi?id=1449548