Vulnerability Details : CVE-2018-12393
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.* This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
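The description above chains two weaknesses: a size computation that wraps on 32-bit builds, and a buffer allocated from that wrapped size being written past its end. The following is an added illustration, not Mozilla's code and not the ScriptLoader implementation; it models the sizing step with a deliberately simple assumed rule (one 16-bit code unit per source byte plus a terminator) and uses a minimal `CheckedU32` class, written here, to stand in for the checked-integer idea named in the Bugzilla reference. The function names `utf16BufferBytesUnchecked`, `utf16BufferBytesChecked` and `bufferIsUndersized` are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>

// Added example, not Mozilla's code. CheckedU32 is a minimal stand-in for a
// checked-integer type: every arithmetic step records whether it wrapped, and
// the result is only usable once isValid() has been consulted.
class CheckedU32 {
public:
    explicit CheckedU32(uint32_t v) : value_(v), valid_(true) {}

    CheckedU32 operator*(uint32_t rhs) const {
        CheckedU32 r(0);
        // __builtin_mul_overflow returns true when the product does not fit in r.value_.
        r.valid_ = valid_ && !__builtin_mul_overflow(value_, rhs, &r.value_);
        return r;
    }

    CheckedU32 operator+(uint32_t rhs) const {
        CheckedU32 r(0);
        r.valid_ = valid_ && !__builtin_add_overflow(value_, rhs, &r.value_);
        return r;
    }

    bool isValid() const { return valid_; }
    uint32_t value() const { return value_; }   // only meaningful when isValid()

private:
    uint32_t value_;
    bool valid_;
};

// Assumed sizing rule for this illustration: one 16-bit code unit per source
// byte (worst case for an 8-bit encoding) plus a two-byte terminator. The length
// type is uint32_t to model the 32-bit builds the advisory describes.

// Unchecked arithmetic: once srcBytes is large enough the size wraps modulo 2^32,
// so the allocation is far smaller than the data the conversion would write
// (integer wraparound leading to an out-of-bounds write).
uint32_t utf16BufferBytesUnchecked(uint32_t srcBytes) {
    return srcBytes * 2u + 2u;
}

// Checked arithmetic: the same formula, but the caller gets no size unless every
// step fit in 32 bits, so an oversized script is rejected instead of producing an
// undersized buffer. Returns -1 when the size is invalid.
int64_t utf16BufferBytesChecked(uint32_t srcBytes) {
    CheckedU32 bytes = (CheckedU32(srcBytes) * 2u) + 2u;
    if (!bytes.isValid()) {
        return -1;
    }
    return static_cast<int64_t>(bytes.value());
}

// Shows the consequence: compares a proposed buffer size against the true
// worst-case output size computed in 64 bits, where it cannot wrap.
bool bufferIsUndersized(uint32_t srcBytes, uint32_t bufferBytes) {
    uint64_t needed = static_cast<uint64_t>(srcBytes) * 2u + 2u;
    return static_cast<uint64_t>(bufferBytes) < needed;
}

int main() {
    // Constructed sample lengths: a normal script and two large enough to wrap.
    const uint32_t lengths[] = { 4096u, 0x7FFFFFFFu, 0x80000000u };
    for (uint32_t len : lengths) {
        uint32_t unchecked = utf16BufferBytesUnchecked(len);
        int64_t checked = utf16BufferBytesChecked(len);
        std::printf("srcBytes=%u unchecked=%u undersized=%s checked=%s\n",
                    len, unchecked,
                    bufferIsUndersized(len, unchecked) ? "yes" : "no",
                    checked < 0 ? "rejected" : "accepted");
    }
    return 0;
}
```

The point of the checked version is that validity is a property of the whole computation, not of the final number: a product that fits can still be followed by an addition that wraps (the 0x7FFFFFFF case), so the check has to come after the last step and before the size is handed to the allocator.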
Vulnerability category: Overflow; Memory Corruption
Products affected by CVE-2018-12393
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:x86:*
- cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:x86:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-12393
- EPSS score: 3.67% (probability of exploitation activity in the next 30 days)
- Percentile: ~92% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2018-12393
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2018-12393
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. (Assigned by: nvd@nist.gov, Primary)
- The product writes data past the end, or before the beginning, of the intended buffer. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2018-12393
- Mozilla Thunderbird: Multiple vulnerabilities (GLSA 201811-13) — Gentoo security (Third Party Advisory): https://security.gentoo.org/glsa/201811-13
- RHSA-2018:3005 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:3005
- USN-3801-1: Firefox vulnerabilities | Ubuntu security notices (Third Party Advisory): https://usn.ubuntu.com/3801-1/
- Debian -- Security Information -- DSA-4324-1 firefox-esr (Third Party Advisory): https://www.debian.org/security/2018/dsa-4324
- [SECURITY] [DLA 1575-1] thunderbird security update (Third Party Advisory): https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html
- Debian -- Security Information -- DSA-4337-1 thunderbird (Third Party Advisory): https://www.debian.org/security/2018/dsa-4337
- RHSA-2018:3532 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:3532
- RHSA-2018:3006 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:3006
- Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities (VDB Entry; Third Party Advisory): http://www.securityfocus.com/bid/105718
- RETIRED: Mozilla Thunderbird MFSA2018-28 Multiple Security Vulnerabilities (Third Party Advisory; VDB Entry): http://www.securityfocus.com/bid/105769
- [SECURITY] [DLA 1571-1] firefox-esr security update (Third Party Advisory): https://lists.debian.org/debian-lts-announce/2018/11/msg00008.html
- 1495011 - (CVE-2018-12393) Unsafe use of CheckedInt (possible buffer overflow) in ScriptLoader::ConvertToUTF16 (Issue Tracking; Permissions Required; Vendor Advisory): https://bugzilla.mozilla.org/show_bug.cgi?id=1495011
- Mozilla Firefox: Multiple vulnerabilities (GLSA 201811-04) — Gentoo security (Third Party Advisory): https://security.gentoo.org/glsa/201811-04
- RHSA-2018:3531 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:3531
- USN-3868-1: Thunderbird vulnerabilities | Ubuntu security notices (Third Party Advisory): https://usn.ubuntu.com/3868-1/
- Security vulnerabilities fixed in Firefox ESR 60.3 — Mozilla (Vendor Advisory): https://www.mozilla.org/security/advisories/mfsa2018-27/
- Security vulnerabilities fixed in Firefox 63 — Mozilla (Vendor Advisory): https://www.mozilla.org/security/advisories/mfsa2018-26/
- Mozilla Firefox Multiple Bugs Let Remote Users Deny Service, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTracker (Third Party Advisory; VDB Entry): http://www.securitytracker.com/id/1041944
- Security vulnerabilities fixed in Thunderbird ESR 60.3 — Mozilla (Vendor Advisory): https://www.mozilla.org/security/advisories/mfsa2018-28/