Red Hat Enterprise Linux Desktop vulnerabilities
1,928 known vulnerabilities affecting redhat/enterprise_linux_desktop.
Total CVEs: 1,928
CISA KEV: 56 (actively exploited)
Public exploits: 135
Exploited in wild: 61
Severity breakdown: CRITICAL 345, HIGH 708, MEDIUM 756, LOW 119
Vulnerabilities
Page 12 of 97
CVE-2018-12393 | HIGH | CVSS 7.5 | CWE-190 | v6.0, v7.0 | 2019-02-28
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.* This vulnerability affects Firefox
nvd
CVE-2018-12397 | HIGH | CVSS 7.1 | CWE-200 | v6.0, v7.0 | 2019-02-28
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63
nvd
CVE-2018-18494 | MEDIUM | CVSS 6.5 | CWE-346 | v6.0, v7.0 | 2019-02-28
A same-origin policy violation allowing the theft of cross-origin URL entries when using the JavaScript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
nvd
CVE-2018-12396 | MEDIUM | CVSS 6.5 | CWE-732 | v6.0, v7.0 | 2019-02-28
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
nvd
CVE-2019-1559 | MEDIUM | CVSS 5.9 | CWE-203 | v6.0, v7.0 | 2019-02-27
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behave
nvd
CVE-2019-5759 | CRITICAL | CVSS 9.6 | CWE-416 | v6.0 | 2019-02-19
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2019-5771 | HIGH | CVSS 8.8 | v6.0 | 2019-02-19
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
nvd
CVE-2019-5758 | HIGH | CVSS 8.8 | CWE-787 | v6.0 | 2019-02-19
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-5764 | HIGH | CVSS 8.8 | CWE-416 | v6.0 | 2019-02-19
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-5780 | HIGH | CVSS 7.8 | CWE-20 | v6.0 | 2019-02-19
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
nvd
CVE-2019-5782 | HIGH | CVSS 8.8 | Exploited | CWE-125 | v6.0 | 2019-02-19
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
nvd
CVE-2019-5757 | HIGH | CVSS 8.8 | CWE-704 | v6.0 | 2019-02-19
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
nvd
CVE-2019-5760 | HIGH | CVSS 8.8 | CWE-416 | v6.0 | 2019-02-19
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-5762 | HIGH | CVSS 8.8 | CWE-119 | v6.0 | 2019-02-19
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
nvd
CVE-2019-5755 | HIGH | CVSS 8.1 | CWE-189 | v6.0 | 2019-02-19
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
nvd
CVE-2019-5761 | HIGH | CVSS 8.8 | CWE-787 | v6.0 | 2019-02-19
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2019-5756 | HIGH | CVSS 8.8 | CWE-416 | v6.0 | 2019-02-19
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
nvd
CVE-2019-5772 | HIGH | CVSS 8.8 | CWE-416 | v6.0 | 2019-02-19
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
nvd
CVE-2019-5770 | HIGH | CVSS 8.8 | CWE-125 | v6.0 | 2019-02-19
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
nvd
CVE-2019-5763 | HIGH | CVSS 8.8 | CWE-754 | v6.0 | 2019-02-19
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd