Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-18356 CVE-2019-5785 CVE-2018-18335

Source

Mozilla Foundation Security Advisory 2019-05

Security vulnerabilities fixed in Firefox ESR 60.5.1

Announced

February 12, 2019

Impact

high

Products

Firefox ESR

Fixed in

Firefox ESR 60.5.1

#CVE-2018-18356: Use-after-free in Skia

Reporter: Tran Tien Hung of Viettel Cyber Security
Impact: high

Description

A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash.

References

Bug 1525817

#CVE-2019-5785: Integer overflow in Skia

Reporter: Ivan Fratric of Google Project Zero
Impact: high

Description

An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash.

References

#CVE-2018-18335: Buffer overflow in Skia with accelerated Canvas 2D

Reporter: Anonymous
Impact: high

Description

A buffer overflow vulnerability in the Skia library can occur with Canvas 2D acceleration on macOS. This issue was addressed by disabling Canvas 2D acceleration in Firefox ESR.
Note: this does not affect other versions and platforms where Canvas 2D acceleration is already disabled by default.

References

Bug 1525815

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Security vulnerabilities fixed in Firefox ESR 60.5.1

Security vulnerabilities fixed in Firefox ESR 60.5.1

#CVE-2018-18356: Use-after-free in Skia

Description

References

#CVE-2019-5785: Integer overflow in Skia

Description

References

#CVE-2018-18335: Buffer overflow in Skia with accelerated Canvas 2D

Description

References

Vulmon Search

About

Products

Connect