---

CVE-2018-12371 - log back

CVE-2018-12371 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ An integer overflow vulnerability has been found in the Skia library shipped with Firefox before 61.0 and Thunderbird before 60.0, when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12371 + https://bugzilla.mozilla.org/show_bug.cgi?id=1465686
Notes