CVE-2018-5118

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 58

Description: The issue is related to the Activity Stream page in Mozilla Firefox, where a lack of protection for internal data can be exploited. This could allow a remote attacker to gain unauthorized access to protected information using a 'file:' URL. The vulnerability involves the creation of screenshot images from meta tags of websites, which can attempt to load local files through 'file:' URLs, potentially exposing local data if combined with another attack that bypasses sandbox protections.

Recommendations: For versions prior to 58, update to version 58 or later to resolve the issue. As a temporary workaround, consider restricting access to local files when using the Activity Stream page until a patch is applied. Avoid using 'file:' URLs in the Activity Stream page to minimize the risk of exploitation.