Lucene search

K

[email protected]NVD:CVE-2018-18502

HistoryFeb 05, 2019 - 9:29 p.m.

CVE-2018-18502

2019-02-0521:29:00

CWE-119

[email protected]

web.nvd.nist.gov

4

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.005

Percentile

75.8%

Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 65.

Affected configurations

Nvd

Node

mozillafirefoxRange<65.0

Node

canonicalubuntu_linuxMatch14.04lts

OR

canonicalubuntu_linuxMatch16.04lts

OR

canonicalubuntu_linuxMatch18.04lts

OR

canonicalubuntu_linuxMatch18.10

References

www.securityfocus.com/bid/106773

usn.ubuntu.com/3874-1/

www.mozilla.org/security/advisories/mfsa2019-01/

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.005

Percentile

75.8%

Related for NVD:CVE-2018-18502

cve1 cvelist1 veracode1 prion1 debiancve1 ubuntucve1 nessus5 ubuntu1 openvas4 freebsd1 kaspersky1 mozilla1 archlinux1