CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12388 – Ubuntu Security Notice USN-3801-1
https://notcve.org/view.php?id=CVE-2018-12388
24 Oct 2018 — Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron problemas de seguridad existentes en Firefox 62. Algunos de estos errores mostraban evidencias de corrupción de memoria y se cree que, con el esfuerzo... • http://www.securityfocus.com/bid/105721 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2018-12395 – Mozilla: WebExtension bypass of domain restrictions through header rewriting
https://notcve.org/view.php?id=CVE-2018-12395
24 Oct 2018 — By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. Al reescribir las cabeceras "Host: request" que utilizan la API webRequest, WebExtensions pueden omitir las restricciones de dominio mediante la fronting del dominio. Esto permitiría el acceso a dominios, cuyo acceso es normalme... • http://www.securityfocus.com/bid/105718 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12398 – Ubuntu Security Notice USN-3801-2
https://notcve.org/view.php?id=CVE-2018-12398
24 Oct 2018 — By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63. Al utilizar la URL reflejada, en algunas URI de recurso especiales, como "chrome:", es posible inyectar hojas de estilo y omitir la política de seguridad de contenido (CSP). Esta vulnerabilidad afecta a las versiones anteriores a la 63 de Firefox. USN-3801-1 fixed vulnerabilities in Firefox. • http://www.securityfocus.com/bid/105721 •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12399 – Ubuntu Security Notice USN-3801-1
https://notcve.org/view.php?id=CVE-2018-12399
24 Oct 2018 — When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63. Cuando se registra un nuevo manipulador de protocolos, la API acepta un argumento de títulos que puede utilizarse para engañar a los usuarios para que duden sobre el dominio que está registrando el nuevo protocolo. ... • http://www.securityfocus.com/bid/105721 • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 1%CPEs: 5EXPL: 0CVE-2018-12403 – Ubuntu Security Notice USN-3801-2
https://notcve.org/view.php?id=CVE-2018-12403
24 Oct 2018 — If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63. Si se carga un sitio mediante una conexión HTTPS y, en consecuencia, se carga un recurso favicon mediante HTTP, no salta la advertencia de contenido mixto a los usuarios. Esta vulnerabilidad afecta a las versiones anteriores a la 63 de Firefox. USN-3801-1 fixed vulnerabilities in Firefox. • http://www.securityfocus.com/bid/105721 •
CVSS: 6.5EPSS: 2%CPEs: 19EXPL: 0CVE-2018-18584 – libmspack: Out-of-bounds write in mspack/cab.h
https://notcve.org/view.php?id=CVE-2018-18584
23 Oct 2018 — In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. En mspack/cab.h en libmspack en versiones anteriores a la 0.8alpha y cabextract en versiones anteriores a la 1.8, el búfer de entrada de bloques CAB es un byte más pequeño para el bloque Quantum máximo, lo que conduce a una escritura fuera de límites. USN-3814-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 li... • https://access.redhat.com/errata/RHSA-2019:2049 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 1CVE-2018-18585 – libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes
https://notcve.org/view.php?id=CVE-2018-18585
23 Oct 2018 — chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). chmd_read_headers en mspack/chmd.c en libmspack en versiones anteriores a la 0.8alpha acepta un nombre de archivo que tiene "\0" como su primer o segundo carácter (como el nombre "/\0"). Multiple vulnerabilities have been found in cabextract and libmspack, the worst of which could result in a Denial of Service. Versions less than 1.8 are affected. • https://access.redhat.com/errata/RHSA-2019:2049 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 29%CPEs: 7EXPL: 2CVE-2018-18557 – libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
https://notcve.org/view.php?id=CVE-2018-18557
22 Oct 2018 — LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4. 0.8 y 4.0.9 (con JB... • https://packetstorm.news/files/id/149974 • CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 1CVE-2018-18284 – ghostscript: 1Policy operator allows a sandbox protection bypass
https://notcve.org/view.php?id=CVE-2018-18284
18 Oct 2018 — Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con el operador 1Policy. Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbi... • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2018-18445 – kernel: Faulty computation of numberic bounds in the BPF verifier
https://notcve.org/view.php?id=CVE-2018-18445
17 Oct 2018 — In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. En el kernel de Linux 4.14.x, 4.15.x, 4.16.x, 4.17.x y versiones 4.18.x anteriores a la 4.18.13, el cálculo incorrecto de enlaces numéricos en el verificador BPF permite accesos a la memoria fuera de límites debido a que adjust_scalar_min_max_val... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b799207e1e1816b09e7a5920fbb2d5fcf6edd681 • CWE-125: Out-of-bounds Read •