rpm package
suse/MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP4
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Vulnerabilities (192)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-12387 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sa | ||
| CVE-2018-12386 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3 | ||
| CVE-2018-12385 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache | ||
| CVE-2018-12383 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new ma | ||
| CVE-2018-12381 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems a | ||
| CVE-2018-12379 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in or | ||
| CVE-2018-12378 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thund | ||
| CVE-2018-12377 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and | ||
| CVE-2018-12376 | — | < 60.2.2esr-109.46.1 | 60.2.2esr-109.46.1 | Oct 18, 2018 | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, | ||
| CVE-2016-9069 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Oct 18, 2018 | A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50. | ||
| CVE-2018-0495 | — | < 60.4.0esr-109.55.1 | 60.4.0esr-109.55.1 | Jun 13, 2018 | Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Numbe | ||
| CVE-2018-5183 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. | ||
| CVE-2018-5182 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulne | ||
| CVE-2018-5181 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is | ||
| CVE-2018-5180 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affe | ||
| CVE-2018-5178 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thu | ||
| CVE-2018-5177 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60. | ||
| CVE-2018-5176 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the | ||
| CVE-2018-5175 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's | ||
| CVE-2018-5174 | — | < 68.2.0-109.95.2 | 68.2.0-109.95.2 | Jun 11, 2018 | In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user |
- CVE-2018-12387Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sa
- CVE-2018-12386Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3
- CVE-2018-12385Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache
- CVE-2018-12383Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new ma
- CVE-2018-12381Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems a
- CVE-2018-12379Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in or
- CVE-2018-12378Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thund
- CVE-2018-12377Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and
- CVE-2018-12376Oct 18, 2018affected < 60.2.2esr-109.46.1fixed 60.2.2esr-109.46.1
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2,
- CVE-2016-9069Oct 18, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
- CVE-2018-0495Jun 13, 2018affected < 60.4.0esr-109.55.1fixed 60.4.0esr-109.55.1
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Numbe
- CVE-2018-5183Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
- CVE-2018-5182Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulne
- CVE-2018-5181Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is
- CVE-2018-5180Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affe
- CVE-2018-5178Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thu
- CVE-2018-5177Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
- CVE-2018-5176Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the
- CVE-2018-5175Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's
- CVE-2018-5174Jun 11, 2018affected < 68.2.0-109.95.2fixed 68.2.0-109.95.2
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user
Page 8 of 10