Log

CVE-2018-5162 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in Thunderbird before 52.8, where plaintext of decrypted emails can leak through the src attribute of remote images, or links.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1457721
Notes
+ I'm guessing this is related to CVE-2017-17688 but Mozilla has not included any details and I'm not a mind reader.
CVE-2018-5163 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Sandbox escape
Description
+ A sandbox escape vulnerability has been found in Firefox < 60.0. If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5163
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1426353
Notes
CVE-2018-5164 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A Content Security Policy (CSP) bypass has been found in Firefox < 60.0, where the CSP is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5164
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1416045
Notes
CVE-2018-5166 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ WebExtensions in Firefox before 60.0 can use request redirection and a filterResponseData filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5166
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1437325
Notes
CVE-2018-5167 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Content spoofing
Description
+ The web console and JavaScript debugger in Firefox < 6.0.0 do not sanitize all output that can be hyperlinked. Both will display chrome: links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display javascript: links, which users could be tricked into clicking by malicious sites.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5167
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1447969
Notes
CVE-2018-5168 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ Sites can bypass security checks on permissions to install lightweight themes in Firefox before 60.0 and Thunderbird before 52.8, by manipulating the baseURI property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5168
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1449548
Notes
CVE-2018-5169 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ If manipulated hyperlinked text containing a chrome: URL is dragged and dropped on the "home" icon in Firefox before 60.0, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5169
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1319157
Notes
CVE-2018-5170 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Content spoofing
Description
+ It is possible in Thunderbird before 52.8 to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1411732
Notes
CVE-2018-5172 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ The Live Bookmarks page and the PDF viewer in Firefox before 60.0 can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5172
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1436482
Notes
CVE-2018-5173 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Content spoofing
Description
+ The filename appearing in the Downloads panel in Firefox before 60.0 improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5173
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1438025
Notes