Lucene search
PRIOn knowledge basePRION:CVE-2018-12387HistoryOct 18, 2018 - 1:29 p.m.
Null pointer dereference
2018-10-1813:29:00
PRIOn knowledge base
www.prio-n.com
3
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
References
www.securityfocus.com/bid/105460
www.securitytracker.com/id/1041770
access.redhat.com/errata/RHSA-2018:2881
access.redhat.com/errata/RHSA-2018:2884
bugzilla.mozilla.org/show_bug.cgi?id=1493903
security.gentoo.org/glsa/201810-01
usn.ubuntu.com/3778-1/
www.debian.org/security/2018/dsa-4310
www.mozilla.org/security/advisories/mfsa2018-24/
Related
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox JIT Compiler Memory Leak (CVE-2018-12387)
2020-06-05 00:00:00
nessus
nessus
Slackware 14.2 / current : mozilla-firefox (SSA:2018-276-01)
2018-10-03 00:00:00
Debian DSA-4310-1 : firefox-esr - security update
2018-10-04 00:00:00
Mozilla Firefox ESR < 60.2.2 Multiple Vulnerabilities (macOS)
2018-10-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-16 03:37:14
slackware
slackware
[slackware-security] mozilla-firefox
2018-10-03 05:32:39
nvd
nvd
CVE-2018-12387
2018-10-18 13:29:06
redhatcve
redhatcve
CVE-2018-12387
2019-10-10 09:41:30
cve
cve
CVE-2018-12387
2018-10-18 13:29:06
cvelist
cvelist
CVE-2018-12387
2018-10-18 13:00:00
ubuntucve
ubuntucve
CVE-2018-12387
2018-10-03 00:00:00
debiancve
debiancve
CVE-2018-12387
2018-10-18 13:29:06
openvas
openvas
Slackware: Security Advisory (SSA:2018-276-01)
2022-04-21 00:00:00
CentOS Update for firefox CESA-2018:2881 centos6
2018-10-10 00:00:00
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2018:2996-1)
2018-10-05 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-10-14 03:58:33
kaspersky
kaspersky
KLA11325 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-10-02 00:00:00
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2018-11-02 04:15:02
debian
debian
[SECURITY] [DSA 4310-1] firefox-esr security update
2018-10-03 19:00:47
[SECURITY] [DSA 4310-1] firefox-esr security update
2018-10-03 19:00:47
suse
suse
Security update for Mozilla Firefox (important)
2018-10-04 15:10:04
mozilla
mozilla
redhat
redhat
(RHSA-2018:2884) Critical: firefox security update
2018-10-08 19:02:47
(RHSA-2018:2881) Critical: firefox security update
2018-10-08 07:42:28
centos
centos
firefox security update
2018-10-09 15:40:38
firefox security update
2018-10-09 13:32:55
archlinux
archlinux
[ASA-201810-6] firefox: multiple issues
2018-10-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.2.2-alt1
2018-10-02 00:00:00
osv
osv
firefox-esr - security update
2018-10-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-10-02 00:00:00
oraclelinux
oraclelinux
firefox security update
2018-10-08 00:00:00
firefox security update
2018-11-01 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-10-03 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-10-02 00:00:00