exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2018-12366

Status Candidate

Overview

An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Related Files

Gentoo Linux Security Advisory 201811-13
Posted Nov 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-13 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 60.3.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16541, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12371, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379, CVE-2018-12383, CVE-2018-12385, CVE-2018-12389, CVE-2018-12390, CVE-2018-12391, CVE-2018-12392, CVE-2018-12393, CVE-2018-5125
MD5 | cb3a08958b6999e989e4f477c4399834
Gentoo Linux Security Advisory 201810-01
Posted Oct 2, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201810-1 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.2.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16541, CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12368, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379, CVE-2018-12381, CVE-2018-12383, CVE-2018-12385, CVE-2018-12386, CVE-2018-12387, CVE-2018-5125, CVE-2018-5127
MD5 | 2ed8115633bd219ec3b7e1781a6f664a
Red Hat Security Advisory 2018-2251-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2251-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | 95ed1e22119659b36b9dc528e4b17547
Red Hat Security Advisory 2018-2252-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2252-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | a3fd8fb4c593fb30023245e31a67281f
Debian Security Advisory 4244-1
Posted Jul 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4244-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-17689, CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | 46d8ef10ef74156ca929a33f35d7ac3b
Ubuntu Security Notice USN-3705-1
Posted Jul 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3705-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF protections, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-5156, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188
MD5 | 41c5df23f973dc6a183546bb9ccc2c7f
Red Hat Security Advisory 2018-2112-01
Posted Jun 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2112-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.1.0 ESR. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2017-7762, CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-5156, CVE-2018-5188, CVE-2018-6126
MD5 | 29344370decb099155105e9c463e59e7
Red Hat Security Advisory 2018-2113-01
Posted Jun 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2113-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.1.0 ESR. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2017-7762, CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-5156, CVE-2018-5188, CVE-2018-6126
MD5 | 5f5f09c5bb8d12e7cd03f1208541cf84
Debian Security Advisory 4235-1
Posted Jun 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4235-1 - Several security issues have been found in the Mozilla Firefox web lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure.

tags | advisory, web, denial of service, arbitrary, info disclosure, csrf
systems | linux, debian
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-5156
MD5 | 0199d331afe9693064054c17e6926ce1
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    4 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close