Log

CVE-2018-5175 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A mechanism to bypass Content Security Policy (CSP) protections on sites that have a script-src policy of 'strict-dynamic' has been found in Firefox < 60.0. If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the require.js library that is part of Firefox’s Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5175
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1432358
Notes
CVE-2018-5176 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ The JSON Viewer in Firefox before 60.0 displays clickable hyperlinks for strings that are parseable as URLs, including javascript: links. If a JSON file contains malicious JavaScript script embedded as javascript: links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5176
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1442840
Notes
CVE-2018-5177 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A vulnerability exists in the XSLT component of Firefox before 60.0, during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5177
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1451908
Notes
CVE-2018-5178 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A buffer overflow was found in Thunderbird before 52.8, during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5178
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1443891
Notes
CVE-2018-5179 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ A security issue has been found in the ServiceWorker component of the chromium browser before 70.0.3538.67, due to a lack of limits on the update() function.
References
+ https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
+ https://bugs.chromium.org/p/chromium/issues/detail?id=805496
Notes
CVE-2018-5180 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free vulnerability can occur during WebGL operations in Firefox before 60.0. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5180
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1444086
Notes
CVE-2018-5181 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Access restriction bypass
Description
+ If a URL using the file: protocol is dragged and dropped onto an open tab of Firefox before 60.0 that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the noopener keyword.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5181
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1424107
Notes
CVE-2018-5182 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Access restriction bypass
Description
+ If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the address bar of Firefox before 60.0, the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent file: URL.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5182
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1424107
Notes
CVE-2018-5183 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory corruption issues including invalid buffer reads and writes during graphic operations have been found in the Skia library.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5183
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1454692
Notes
CVE-2018-5184 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in Thunderbird before 52.8, where using remote content in S/MIME encrypted messages can lead to the disclosure of plaintext via chosen-ciphertext attack.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1411592
Notes
+ Very likely related to CVE-2017-17689 but Mozilla did not include any details so..