Published: 28/02/2019 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
canonical ubuntu linux 14.04
canonical ubuntu linux 18.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.10

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Mozilla Foundation Security Advisory 2018-29 Security vulnerabilities fixed in Firefox 64 Announced December 11, 2018 Impact critical Products Firefox Fixed in Firefox 64 ...

A security issue has been found in Firefox < 640, where limitations on the URIs allowed to WebExtensions by the browserwindowscreate API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument This could allow a malicious WebExtension to opened privileged about: or file: locations ...

NVD-CWE-noinfo https://www.mozilla.org/security/advisories/mfsa2018-29/https://bugzilla.mozilla.org/show_bug.cgi?id=1488180 https://usn.ubuntu.com/3844-1/http://www.securityfocus.com/bid/106167 https://usn.ubuntu.com/3844-1/https://nvd.nist.gov

CVE-2018-18497

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect