Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2019-02-28 10:29
Updated : 2019-03-12 05:55
NVD link : CVE-2018-12405
Mitre link : CVE-2018-12405
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server_tus
- enterprise_linux_server_eus
- enterprise_linux_server
mozilla
- firefox_esr
- thunderbird
- firefox
canonical
- ubuntu_linux
debian
- debian_linux