Mozilla · Firefox · CVE-2018-5122
Name of the Vulnerable Software and Affected Versions:
Mozilla Firefox versions prior to 58
Description:
The issue is caused by an integer overflow in the `DoCrypt` function of the WebCrypto interface. This could potentially allow a remote attacker to execute arbitrary code or cause a denial of service.
Recommendations:
For versions prior to 58, update to version 58 or later to resolve the issue. As a temporary workaround, consider restricting the use of the WebCrypto interface until a patch is available.