exploit the possibilities
Showing 1 - 10 of 10 RSS Feed

CVE-2018-5159

Status Candidate

Overview

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

Related Files

Ubuntu Security Notice USN-3660-1
Posted May 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3660-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, install lightweight themes without user interaction, or execute arbitrary code. An issue was discovered when processing message headers in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application hang. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
MD5 | 11fa09669977d60b25439b9cb7f6291a
Red Hat Security Advisory 2018-1726-01
Posted May 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1726-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.8.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
MD5 | af5881b3089abaaa69679e94452f5de1
Red Hat Security Advisory 2018-1725-01
Posted May 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1725-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.8.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
MD5 | c700c004277e21f6a06fc8974f1d766c
Debian Security Advisory 4209-1
Posted May 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4209-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5161, CVE-2018-5162, CVE-2018-5168, CVE-2018-5170, CVE-2018-5178, CVE-2018-5183, CVE-2018-5184, CVE-2018-5185
MD5 | beaf141404bc7f22621c2c7e3ab520cf
Skia / Firefox SkTDArray Integer Overflow
Posted May 24, 2018
Authored by Ivan Fratric, Google Security Research

Skia and Firefox suffer from an issue where an integer overflow in SkTDArray can lead to an out-of-bounds write.

tags | exploit, overflow
advisories | CVE-2018-5159
MD5 | f7eb1e6d567bfd69e4a654a5a1a0c0cf
Ubuntu Security Notice USN-3645-2
Posted May 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3645-2 - USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumstances. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting attacks, install lightweight themes without user interaction, spoof the filename in the downloads panel, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5160, CVE-2018-5163, CVE-2018-5164, CVE-2018-5167, CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5180, CVE-2018-5181, CVE-2018-5182
MD5 | d79a2b390689ee5da50dd49ae53da56c
Red Hat Security Advisory 2018-1415-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1415-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183
MD5 | a0941f737fbe0c2b91741a8ecdee350d
Red Hat Security Advisory 2018-1414-01
Posted May 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1414-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183
MD5 | b3aa86111adf63a7c2fae43dc3437fb8
Ubuntu Security Notice USN-3645-1
Posted May 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3645-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting attacks, install lightweight themes without user interaction, spoof the filename in the downloads panel, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2018-5150, CVE-2018-5151, CVE-2018-5152, CVE-2018-5153, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5160, CVE-2018-5163, CVE-2018-5164, CVE-2018-5166, CVE-2018-5167, CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5180, CVE-2018-5181, CVE-2018-5182
MD5 | ab18b8ec6d4a0b241a776a0d65c936dd
Debian Security Advisory 4199-1
Posted May 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4199-1 - Several security issues have been found in the Mozilla Firefox web may lead to the execution of arbitrary code or denial of service.

tags | advisory, web, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183
MD5 | 6991f4c67e40de4d8cc3b49fe2433ea8
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close