Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2018-12405

Published: 28/02/2019 Updated: 12/03/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Mozilla

Vulnerability Summary

Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla thunderbird

mozilla firefox

mozilla firefox esr

debian debian linux 8.0

canonical ubuntu linux 18.04

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

debian debian linux 9.0

canonical ubuntu linux 18.10

redhat enterprise linux desktop 6.0

redhat enterprise linux server eus 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux server tus 7.6

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux desktop 7.0

redhat enterprise linux server 7.0

redhat enterprise linux workstation 7.0

Vendor Advisories

Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Amazon Linux 2: ALAS2-2019-1168
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit This results in a potentially exploitable crash This vulnerability affects Thunderbird &lt; 604, Firefox ESR &lt; 604, and Firefox &lt; 64(CVE-2018-18493) A same-o ...
Red Hat: CVE-2018-12405
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem When the candidate has been publicized, the details for this candidate will be provided ...
Arch Linux Issues:
Several memory safety bugs have been found in Firefox &lt; 640 Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code ...
Mozilla: Security vulnerabilities fixed in Firefox 64
Mozilla Foundation Security Advisory 2018-29 Security vulnerabilities fixed in Firefox 64 Announced December 11, 2018 Impact critical Products Firefox Fixed in Firefox 64 ...
Mozilla: Security vulnerabilities fixed in Thunderbird 60.4
Mozilla Foundation Security Advisory 2018-31 Security vulnerabilities fixed in Thunderbird 604 Announced December 21, 2018 Impact critical Products Thunderbird Fixed in Thunderbird 604 ...
Mozilla: Security vulnerabilities fixed in Firefox ESR 60.4
Mozilla Foundation Security Advisory 2018-30 Security vulnerabilities fixed in Firefox ESR 604 Announced December 11, 2018 Impact critical Products Firefox ESR Fixed in Firefox ESR 604 ...

References

CWE-119https://www.mozilla.org/security/advisories/mfsa2018-31/https://www.mozilla.org/security/advisories/mfsa2018-30/https://www.mozilla.org/security/advisories/mfsa2018-29/https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471https://www.debian.org/security/2019/dsa-4362https://www.debian.org/security/2018/dsa-4354https://usn.ubuntu.com/3868-1/https://usn.ubuntu.com/3844-1/https://lists.debian.org/debian-lts-announce/2018/12/msg00002.htmlhttps://access.redhat.com/errata/RHSA-2019:0160https://access.redhat.com/errata/RHSA-2019:0159https://access.redhat.com/errata/RHSA-2018:3833https://access.redhat.com/errata/RHSA-2018:3831http://www.securityfocus.com/bid/106168https://security.gentoo.org/glsa/201903-04https://usn.ubuntu.com/3844-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook