PT-2019-1437 · Mozilla+5 · Firefox Esr+7

Alex Gaynor

+5

·

Published

2019-01-29

·

Updated

2024-12-12

·

CVE-2018-18501

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 65 Firefox ESR versions prior to 60.5 Thunderbird versions prior to 60.5
Description The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code. This is due to a buffer overflow in memory, allowing a remote attacker to cause a denial of service or execute arbitrary code using a specially crafted web page.
Recommendations For Firefox versions prior to 65, update to version 65 or later. For Firefox ESR versions prior to 60.5, update to version 60.5 or later. For Thunderbird versions prior to 60.5, update to version 60.5 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

ALT-PU-2019-1170
ALT-PU-2019-1171
ALT-PU-2019-1173
ALT-PU-2019-2324
ALT-PU-2019-2486
BDU:2019-00820
BDU:2019-00919
CESA-2019_0218
CESA-2019_0219
CESA-2019_0269
CESA-2019_0270
CVE-2018-18501
DLA-1648-1
DLA-1678-1
DSA-4376-1
DSA-4392-1
MGASA-2019-0060
MGASA-2019-0069
OPENSUSE-SU-2019:0132-1
OPENSUSE-SU-2019:0249-1
OPENSUSE-SU-2019:0251-1
OPENSUSE-SU-2019:1758-1
OPENSUSE-SU-2019_0132-1
OPENSUSE-SU-2019_0133-1
OPENSUSE-SU-2019_0182-1
OPENSUSE-SU-2019_0251-1
OPENSUSE-SU-2019_1758-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:0218
RHSA-2019:0219
RHSA-2019:0269
RHSA-2019:0270
RHSA-2019_0218
RHSA-2019_0219
RHSA-2019_0269
RHSA-2019_0270
SUSE-SU-2019:0273-1
SUSE-SU-2019:0336-1
SUSE-SU-2019:0336-2
SUSE-SU-2019:0338-1
USN-3874-1
USN-3897-1

Affected Products

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu