CVE-2018-12376 – Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
https://notcve.org/view.php?id=CVE-2018-12376
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Hay errores de seguridad de memoria en Firefox 61 y Firefox ESR 60.1. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1469309%2C1469914%2C1450989%2C1480092%2C1480517%2C1481093%2C1478575%2C1471953%2C1473161%2C1466991%2C1468738%2C1483120%2C1467363%2C1472925%2C1466577%2C1467889%2C1480521%2C1478849 https://lists.debia • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-12377 – Mozilla: Use-after-free in driver timers
https://notcve.org/view.php?id=CVE-2018-12377
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando se actualizan los temporizadores de los drivers de actualización en algunas circunstancias durante el apagado cuando el temporizador se elimina si sigue estando en uso. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1470260 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/20181 • CWE-416: Use After Free •
CVE-2018-12378 – Mozilla: Use-after-free in IndexedDB
https://notcve.org/view.php?id=CVE-2018-12378
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando un índice IndexedDB se elimina mientras sigue en uso por parte de código JavaScript que está proporcionando valores de carga útil para que sean almacenados. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1459383 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/20181 • CWE-416: Use After Free •
CVE-2018-12383 – Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
https://notcve.org/view.php?id=CVE-2018-12383
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1. • http://www.securityfocus.com/bid/105276 http://www.securitytracker.com/id/1041610 http://www.securitytracker.com/id/1041701 https://access.redhat.com/errata/RHSA-2018:2834 https://access.redhat.com/errata/RHSA-2018:2835 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1475775 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810- • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-522: Insufficiently Protected Credentials •
CVE-2018-12372 – thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails
https://notcve.org/view.php?id=CVE-2018-12372
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. Las partes S/MIME descifradas, cuando se incluyen en HTML manipulado para un ataque, pueden filtrar texto plano cuando se incluyen en una respuesta/reenvío HTML. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.9. • http://www.securityfocus.com/bid/104613 https://access.redhat.com/errata/RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2252 https://bugzilla.mozilla.org/show_bug.cgi?id=1419417 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3714-1 https://www.debian.org/security/2018/dsa-4244 https://www.mozilla.org/security/advisories/mfsa2018-18 https://access.redhat.com/security/cve/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •