what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2018-5140

Status Candidate

Overview

Image for moz-icons can be accessed through the "moz-icon:" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability affects Firefox < 59.

Related Files

Ubuntu Security Notice USN-3596-2
Posted Apr 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3596-2 - USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in Unity. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. It was discovered that the fetch API could incorrectly return cached copies of no-store/no-cache resources in some circumstances. A local attacker could potentially exploit this to obtain sensitive information in environments where multiple users share a common profile. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5126, CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5133, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, CVE-2018-5141, CVE-2018-5142, CVE-2018-5143
SHA-256 | e494dec5d0c796d9460535c0b44c093d5932022a735b81473a1415ba41c11a0f
Ubuntu Security Notice USN-3596-1
Posted Mar 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3596-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5125, CVE-2018-5126, CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5132, CVE-2018-5133, CVE-2018-5134, CVE-2018-5135, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, CVE-2018-5141, CVE-2018-5142, CVE-2018-5143
SHA-256 | 7fbc7840a2c7212ddb76bc5bfc07a289e367f1f00153eaf6cc47a353ca7e2a80
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    12 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close