Lucene search

K

PRIOn knowledge basePRION:CVE-2018-12365

HistoryOct 18, 2018 - 1:29 p.m.

Code injection

2018-10-1813:29:00

PRIOn knowledge base

www.prio-n.com

7

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq17.10
ubuntu_linuxeq18.04
debian_linuxeq8.0
debian_linuxeq9.0
firefoxlt61.0
firefox_esrlt52.9
firefox_esrge53.0
firefox_esrlt60.1.0

Rows per page:

1-10 of 231

References

www.securityfocus.com/bid/104560

www.securitytracker.com/id/1041193

access.redhat.com/errata/RHSA-2018:2112

access.redhat.com/errata/RHSA-2018:2113

access.redhat.com/errata/RHSA-2018:2251

access.redhat.com/errata/RHSA-2018:2252

bugzilla.mozilla.org/show_bug.cgi?id=1459206

lists.debian.org/debian-lts-announce/2018/06/msg00014.html

lists.debian.org/debian-lts-announce/2018/07/msg00013.html

security.gentoo.org/glsa/201810-01

security.gentoo.org/glsa/201811-13

usn.ubuntu.com/3705-1/

usn.ubuntu.com/3714-1/

www.debian.org/security/2018/dsa-4235

www.debian.org/security/2018/dsa-4244

www.mozilla.org/security/advisories/mfsa2018-15/

www.mozilla.org/security/advisories/mfsa2018-16/

www.mozilla.org/security/advisories/mfsa2018-17/

www.mozilla.org/security/advisories/mfsa2018-18/

www.mozilla.org/security/advisories/mfsa2018-19/

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

Related for PRION:CVE-2018-12365

cve1 ubuntucve1 veracode1 debiancve1 redhatcve1 cvelist1 nvd1 debian4 ibm1 nessus54 openvas35 suse8 osv4 mageia4 archlinux2 oraclelinux3 redhat4 mozilla5 ubuntu3 centos4 amazon1 altlinux3 kaspersky3 freebsd1 gentoo2