CVE-2018-18510
published 2019-04-26CVE-2018-18510: The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test…
PriorityP424medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
EPSS
1.01%
59.0th percentile
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 64.0-1 (sid) | firefox 64.0-1 (sid) |
| mozilla | firefox | < 64.0 | 64.0 |
| mozilla | firefox | >= 0 < 64.0+build3-0ubuntu0.16.04.1 | 64.0+build3-0ubuntu0.16.04.1 |
| mozilla | firefox | >= 0 < 64.0+build3-0ubuntu0.18.04.1 | 64.0+build3-0ubuntu0.18.04.1 |
| mozilla | firefox | >= unspecified < 64 | 64 |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
vendor_redhat·2018-11-16·CVSS 6.5
CVE-2018-18510 [MEDIUM] CWE-749 firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
Statement: This vulnerability did not affect the Firefox 60 ESR stream.
Package: firefox (Red Hat Enterprise Linux 5) - Not affected
Package: firefox (Red Hat Enterprise Linux 6) - Not affected
Package: firefox (Red Hat Enterprise Linux 7) - Not affected
Package: firefox (Red Hat Enterprise Linux 8) - Not affected
Debian
CVE-2018-18510: firefox - The about:crashcontent and about:crashparent pages can be triggered by web conte...
vendor_debian·2018·CVSS 6.5
CVE-2018-18510 [MEDIUM] CVE-2018-18510: firefox - The about:crashcontent and about:crashparent pages can be triggered by web conte...
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
Scope: local
sid: resolved (fixed in 64.0-1)
GHSA
GHSA-pphh-8m7v-77cf: The about:crashcontent and about:crashparent pages can be triggered by web content
ghsa_unreviewed·2022-05-24
CVE-2018-18510 [MEDIUM] GHSA-pphh-8m7v-77cf: The about:crashcontent and about:crashparent pages can be triggered by web content
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
OSV
CVE-2018-18510: The about:crashcontent and about:crashparent pages can be triggered by web content
osv·2019-04-26·CVSS 6.5
CVE-2018-18510 [MEDIUM] CVE-2018-18510: The about:crashcontent and about:crashparent pages can be triggered by web content
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-18510 firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
bugzilla·2019-04-29·CVSS 6.5
CVE-2018-18510 [MEDIUM] CVE-2018-18510 firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
CVE-2018-18510 firefox: The about:crashcontent and about:crashparent pages can be triggered by web content allowing for a non-persistent DoS attack.
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a DoS attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
External References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18510
Discussion:
Statement:
This vulnerability did not affect the Firefox 60 ESR stream.
Bugzilla
"about:crashcontent" and "about:crashparent" can be triggered from web content
bugzilla·2018-11-16
[MEDIUM] "about:crashcontent" and "about:crashparent" can be triggered from web content
"about:crashcontent" and "about:crashparent" can be triggered from web content
The firefox special URL "about:crashcontent" will trigger a crash of the current tab for testing purposes.
It is possible to trigger that URL from within a webpage, e.g. via an tag. This also extends to being able to crash a browser from within an iframe, which I believe is particularly problematic as iframes are often used to embed content that a site not necessarily trusts.
(For a practical example look at https://twitter.com/xsamaster/status/1063347833271713792 - a tweet that embeds a "video" that will crash the browser tab.)
I believe a special debugging feature URL like about:crashcontent should never be accessible from a webpage, it should only be possible to activate it if the user actually types in t
2019-04-26
Published