Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD5AEFC41E-D304-4EC8-8C82-824F84F08244
HistoryMay 09, 2018 - 12:00 a.m.

mozilla -- multiple vulnerabilities

2018-05-0900:00:00
vuxml.freebsd.org
40

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.122 Low

EPSS

Percentile

95.4%

JSON

Mozilla Foundation reports:

CVE-2018-5183: Backport critical security fixes in Skia
CVE-2018-5154: Use-after-free with SVG animations and clip paths
CVE-2018-5155: Use-after-free with SVG animations and text paths
CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
CVE-2018-5160: Uninitialized memory use by WebRTC encoder
CVE-2018-5152: WebExtensions information leak through webRequest API
CVE-2018-5153: Out-of-bounds read in mixed content websocket messages
CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache
CVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace
CVE-2018-5166: WebExtension host permission bypass through filterReponseData
CVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger
CVE-2018-5168: Lightweight themes can be installed without user interaction
CVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages
CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer
CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters
CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update
CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies
CVE-2018-5176: JSON Viewer script injection
CVE-2018-5177: Buffer overflow in XSLT during number formatting
CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox
CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
CVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink
CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar
CVE-2018-5151: Memory safety bugs fixed in Firefox 60
CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8

Related

openvas 31
nessus 43
altlinux 3
kaspersky 2
archlinux 2
ubuntu 3
mozilla 3
osv 4
mageia 3
suse 3
debian 4
centos 4
redhat 4
ibm 1
oraclelinux 4
amazon 1
cvelist 11
redhatcve 14
debiancve 10
ubuntucve 12
prion 13
nvd 12
cve 12
openvas
openvas
Mozilla Firefox Security Advisories (MFSA2018-11, MFSA2018-12) - Mac OS X
2018-05-11 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-11, MFSA2018-12) - Windows
2018-05-11 00:00:00
Ubuntu: Security Advisory (USN-3645-2)
2018-05-19 00:00:00
nessus
nessus
Mozilla Firefox < 60 Multiple Critical Vulnerabilities (macOS)
2018-05-17 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3645-1)
2018-05-14 00:00:00
Mozilla Firefox < 60 Multiple Critical Vulnerabilities
2018-05-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.0.1-alt1
2018-06-05 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 52.8.0-alt1
2018-05-09 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 52.8.0-alt1
2018-05-19 00:00:00
kaspersky
kaspersky
KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-05-09 00:00:00
KLA11251 Multiple vulnerabilities in Mozilla Thunderbird
2018-05-18 00:00:00
archlinux
archlinux
[ASA-201805-10] firefox: multiple issues
2018-05-13 00:00:00
[ASA-201805-21] thunderbird: multiple issues
2018-05-21 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-05-11 00:00:00
Firefox regression
2018-05-18 00:00:00
Thunderbird vulnerabilities
2018-05-25 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 60 — Mozilla
2018-05-09 00:00:00
Security vulnerabilities fixed in Firefox ESR 52.8 — Mozilla
2018-05-09 00:00:00
Security vulnerabilities fixed in Thunderbird 52.8 — Mozilla
2018-05-18 00:00:00
osv
osv
firefox-esr - security update
2018-05-10 00:00:00
firefox-esr - security update
2018-05-11 00:00:00
thunderbird - security update
2018-05-25 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-05-17 13:54:59
Updated thunderbird packages fix security vulnerabilities
2018-05-30 22:55:44
Updated iceaepe packages fix security vulnerability
2018-08-15 18:45:26
suse
suse
Security update for Mozilla Firefox (important)
2018-05-11 00:14:24
Security update for Mozilla Thunderbird (important)
2018-05-21 03:08:11
Security update for Mozilla Thunderbird (important)
2018-05-21 03:06:59
debian
debian
[SECURITY] [DSA 4199-1] firefox-esr security update
2018-05-10 19:21:33
[SECURITY] [DLA 1376-1] firefox-esr security update
2018-05-11 07:42:32
[SECURITY] [DSA 4209-1] thunderbird security update
2018-05-25 04:58:06
centos
centos
firefox security update
2018-05-17 11:21:53
firefox security update
2018-05-30 18:23:11
thunderbird security update
2018-05-29 17:26:47
redhat
redhat
(RHSA-2018:1415) Critical: firefox security update
2018-05-14 13:22:39
(RHSA-2018:1414) Critical: firefox security update
2018-05-14 13:20:52
(RHSA-2018:1725) Important: thunderbird security update
2018-05-24 18:29:53
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS
2018-11-02 04:05:01
oraclelinux
oraclelinux
firefox security update
2018-05-14 00:00:00
firefox security update
2018-05-14 00:00:00
thunderbird security update
2018-05-24 00:00:00
amazon
amazon
Critical: thunderbird
2018-06-07 23:30:00
cvelist
cvelist
CVE-2018-5167
2018-06-11 21:00:00
CVE-2018-5173
2018-06-11 21:00:00
CVE-2018-5164
2018-06-11 21:00:00
redhatcve
redhatcve
CVE-2018-5173
2018-05-10 06:20:00
CVE-2018-5175
2018-05-10 06:19:34
CVE-2018-5164
2019-10-12 02:20:31
debiancve
debiancve
CVE-2018-5173
2018-06-11 21:29:15
CVE-2018-5175
2018-06-11 21:29:16
CVE-2018-5164
2018-06-11 21:29:15
ubuntucve
ubuntucve
CVE-2018-5173
2018-05-11 00:00:00
CVE-2018-5167
2018-05-11 00:00:00
CVE-2018-5181
2018-05-11 00:00:00
prion
prion
Design/Logic Flaw
2018-06-11 21:29:00
Format string
2018-06-11 21:29:00
Memory corruption
2018-06-11 21:29:00
nvd
nvd
CVE-2018-5152
2018-06-11 21:29:15
CVE-2018-5164
2018-06-11 21:29:15
CVE-2018-5163
2018-06-11 21:29:15
cve
cve
CVE-2018-5167
2018-06-11 21:29:15
CVE-2018-5172
2018-06-11 21:29:15
CVE-2018-5181
2018-06-11 21:29:16

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.122 Low

EPSS

Percentile

95.4%

JSON
Related for 5AEFC41E-D304-4EC8-8C82-824F84F08244
openvas31nessus43altlinux3kaspersky2archlinux2ubuntu3mozilla3osv4mageia3suse3debian4centos4redhat4ibm1oraclelinux4amazon1cvelist11redhatcve14debiancve10ubuntucve12prion13nvd12cve12