CVE-2018-5188

Name of the Vulnerable Software and Affected Versions Firefox versions 60 and earlier Firefox ESR versions 60 and earlier, 52.8 and earlier Thunderbird versions 60 and earlier, 52.9 and earlier

Description The issue is caused by memory safety bugs, including buffer overflow in memory, which can lead to memory corruption. It is presumed that with sufficient effort, some of these bugs could be exploited to run arbitrary code. This can be achieved by a remote attacker using a specially crafted web page.

Recommendations For Firefox versions 60 and earlier, update to version 61 or later. For Firefox ESR versions 60 and earlier, update to version 60.1 or later. For Firefox ESR versions 52.8 and earlier, update to version 52.9 or later. For Thunderbird versions 60 and earlier, update to version 60.1 or later. For Thunderbird versions 52.9 and earlier, update to version 52.9.1 or later. As a temporary workaround, consider restricting access to potentially vulnerable web pages until a patch is available.