CVSS: 6.1EPSS: 0%CPEs: 21EXPL: 0CVE-2018-5168 – Mozilla: Lightweight themes can be installed without user interaction
https://notcve.org/view.php?id=CVE-2018-5168
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. Los sitios pueden omitir las comprobaciones de seguridad de los permisos para instalar temas ligeros manipulando la propiedad "baseURI" del elemento theme. Esto podría permitir que un sitio malicioso instale un tema sin la interacción del usuario que podría contener imágenes ofensivas o embarazosas. • http://www.securityfocus.com/bid/104136 http://www.securitytracker.com/id/1040896 https://access.redhat.com/errata/RHSA-2018:1414 https://access.redhat.com/errata/RHSA-2018:1415 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1449548 https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://securi • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 1%CPEs: 19EXPL: 2CVE-2018-5158 – pdf.js < 2.0.943 - Authenticated (Author+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-5158
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. El visor de PDF no sanea suficientemente las funciones de la calculadora PostScript, lo que permite inyectar JavaScript malicioso a través de un archivo PDF manipulado. Este JavaScript puede ser ejecutado por su worker con los permisos del visor de PDF. • https://github.com/ppcrab/CVE-2018-5158 https://github.com/puzzle-tools/-CVE-2018-5158.pdf http://www.securityfocus.com/bid/104136 http://www.securitytracker.com/id/1040896 https://access.redhat.com/errata/RHSA-2018:1414 https://access.redhat.com/errata/RHSA-2018:1415 https://bugzilla.mozilla.org/show_bug.cgi?id=1452075 https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html https://security.gentoo.org/glsa/201810-01 https://usn.ubuntu.com/3645-1 https& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10982
https://notcve.org/view.php?id=CVE-2018-10982
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection. Se ha descubierto un problema en Xen hasta las versiones 4.10.x que permite que usuarios invitados del sistema operativo x86 HVM provoquen una denegación de servicio (número de interrupción sorprendentemente alto, sobrescritura del array y cierre inesperado del hipervisor) o ganen privilegios del hipervisor estableciendo un temporizador HPET para realizar interrupciones en el modo IO-APIC. Esto también se conoce como inyección de interrupción vHPET. • http://openwall.com/lists/oss-security/2018/05/08/2 http://www.securityfocus.com/bid/104150 https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html https://security.gentoo.org/glsa/201810-06 https://www.debian.org/security/2018/dsa-4201 https://xenbits.xen.org/xsa/advisory-261.html •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10981
https://notcve.org/view.php?id=CVE-2018-10981
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request. Se ha descubierto un problema en Xen hasta las versiones 4.10.x que permite que usuarios invitados del sistema operativo x86 HVM provoquen una denegación de servicio (bucle infinito del sistema operativo del host) en situaciones en las que un modelo de dispositivo QEMU intenta realizar transiciones no válidas entre estados de una petición. • http://openwall.com/lists/oss-security/2018/05/08/3 http://www.securityfocus.com/bid/104149 https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html https://security.gentoo.org/glsa/201810-06 https://www.debian.org/security/2018/dsa-4201 https://xenbits.xen.org/xsa/advisory-262.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-18266
https://notcve.org/view.php?id=CVE-2017-18266
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable. La función open_envvar en xdg-open en xdg-utils en versiones anteriores a la 1.1.3 no valida cadenas antes de iniciar el programa especificado por la variable de entorno BROWSER. Esto permite que atacantes remotos lleven a cabo ataques de inyección de argumentos mediante una URL manipulada, tal y como demuestra %s en esta variable de entorno. • https://bugs.freedesktop.org/show_bug.cgi?id=103807 https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=5647afb35e4bcba2060148e1a2a47bc43cc240f2 https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb https://cgit.freedesktop.org/xdg/xdg-utils/tree/ChangeLog https://lists.debian.org/debian-lts-announce/2018/05/msg00014.html https://usn.ubuntu.com/3650-1 https://www.debian.org/security/2018/dsa-4211 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •