Vulnerability CVE-2018-5151: Information

Description

Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-5151
Published: June 12, 2018
Modified: Aug. 3, 2018
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus60.0.1-alt1127.0-alt1ALT-PU-2018-1787-1206819Fixed
firefoxp1060.0.1-alt1118.0.2-alt0.p10.1ALT-PU-2018-1787-1206819Fixed
firefoxp960.0.1-alt1105.0.1-alt0.c9.1ALT-PU-2018-1787-1206819Fixed
firefoxp860.0.1-alt0.M80P.168.0.1-alt0.M80P.1ALT-PU-2018-1898-1206884Fixed
firefoxc10f160.0.1-alt1112.0.2-alt0.p10.1ALT-PU-2018-1787-1206819Fixed
firefoxc9f260.0.1-alt1105.0.1-alt0.c9.1ALT-PU-2018-1787-1206819Fixed
firefoxc760.6.1-alt0.M70C.160.8.0-alt0.M70C.1ALT-PU-2019-1726-1218597Fixed
firefoxp1160.0.1-alt1126.0.1-alt1ALT-PU-2018-1787-1206819Fixed
firefox-esrsisyphus60.0.1-alt1115.11.0-alt1ALT-PU-2018-1854-1207816Fixed
firefox-esrp1060.0.1-alt1115.11.0-alt1ALT-PU-2018-1854-1207816Fixed
firefox-esrp960.0.1-alt1102.11.0-alt0.c9.1ALT-PU-2018-1854-1207816Fixed
firefox-esrp860.1.0-alt0.M80P.168.4.1-alt0.M80P.1ALT-PU-2018-1966-1207865Fixed
firefox-esrc10f160.0.1-alt1115.9.1-alt0.c10.1ALT-PU-2018-1854-1207816Fixed
firefox-esrc9f260.0.1-alt1102.12.0-alt0.c9.1ALT-PU-2018-1854-1207816Fixed
firefox-esrp1160.0.1-alt1115.11.0-alt1ALT-PU-2018-1854-1207816Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.mozilla.org/security/advisories/mfsa2018-11/
  • Third Party Advisory
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1445234%2C1449530%2C1437455%2C1447989%2C1438827%2C1436983%2C1435036%2C1440465%2C1439723%2C1448771%2C1453653%2C1454359%2C1432323%2C1454126%2C1436759%2C1439655%2C1448612%2C1449358%2C1367727%2C1452417
  • Issue Tracking
  • Permissions Required
  • Third Party Advisory
USN-3645-1
  • Third Party Advisory
1040896
  • Third Party Advisory
  • VDB Entry
104139
  • Third Party Advisory
  • VDB Entry

    1. Configuration 1

      cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
      End excliding
      60.0

      Configuration 2

      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top