exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2018-18505

Status Candidate

Overview

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Related Files

Debian Security Advisory 4392-1
Posted Feb 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4392-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2018-18356, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505, CVE-2018-18509, CVE-2019-5785
MD5 | 72eb49943de47e780e6bb6cc43b13415
Red Hat Security Advisory 2019-0269-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5824, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | fb0591a288299e5fe49a0f2cb20bd792
Red Hat Security Advisory 2019-0270-01
Posted Feb 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0270-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.5.0. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5824, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | 52955d8be1e3d2573ca2ef7347d4c5d6
Ubuntu Security Notice USN-3874-1
Posted Jan 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3874-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. It was discovered that Firefox allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-18500, CVE-2018-18504, CVE-2018-18505, CVE-2018-18506
MD5 | 0610de62126292ee797c34a48f213f8a
Debian Security Advisory 4376-1
Posted Jan 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4376-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | 4f6aa00ae290ef84a9bacd66a05ee470
Red Hat Security Advisory 2019-0218-01
Posted Jan 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0218-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | 472c1e9e4e6475993b99796d2537e4bb
Red Hat Security Advisory 2019-0219-01
Posted Jan 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0219-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18500, CVE-2018-18501, CVE-2018-18505
MD5 | 119e1b6a27103d046f02037acf1a4063
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    15 Files
  • 21
    Feb 21st
    17 Files
  • 22
    Feb 22nd
    12 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close