CVE-2018-12405
Severity
9.8CRITICAL
EPSS
10.3%
top 6.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 28
Latest updateMay 14
Description
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages11 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.6
🔴Vulnerability Details
4GHSA▶
GHSA-h27g-wvvm-f6mv: Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60↗2022-05-14
CVEList▶
CVE-2018-12405: Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60↗2019-02-28
OSV▶
CVE-2018-12405: Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60↗2019-02-28
📋Vendor Advisories
4💬Community
1Bugzilla
▶