CVE-2018-12390 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
Several memory safety bugs have been found in Firefox and Thunderbird versions prior to 63.0. Some of these bugs showed evidence of memory corruption and Mozilla engineers presume that with enough effort some of these could be exploited to run arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-803 thunderbird 60.2.1-2 60.3.0-1 Critical Fixed
AVG-787 firefox 62.0.3-2 63.0-1 Critical Fixed
Date Advisory Group Package Severity Type
06 Nov 2018 ASA-201811-10 AVG-803 thunderbird Critical arbitrary code execution
24 Oct 2018 ASA-201810-14 AVG-787 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12390
https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12390
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1487098%2C1487660%2C1490234%2C1496159%2C1443748%2C1496340%2C1483905%2C1493347%2C1488803%2C1498701%2C1498482%2C1442010%2C1495245%2C1483699%2C1469486%2C1484905%2C1490561%2C1492524%2C1481844