CVE-2018-5118
Ubuntu Security Notice USN-3544-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the sandbox but could expose local data if combined with another attack that escapes sandbox protections. This vulnerability affects Firefox < 58.
Las imágenes de captura de pantalla que se muestran en la página Activity Stream que aparece cuando se abre una nueva pestaña se crean a partir de las etiquetas meta de los sitios web. Se descubrió un problema en el que la página podría intentar crear estas imágenes a través de URL "file:" desde el sistema de archivos local. Esta carga es bloqueada por el sandbox, pero podría exponer datos locales si se combina con otro ataque que se escapa de las protecciones del sandbox. Esta vulnerabilidad afecta a las versiones anteriores a la 58 de Firefox.
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP credentials for another origin, spoof the addressbar contents, or execute arbitrary code. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-03 CVE Reserved
- 2018-01-25 CVE Published
- 2024-08-05 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/102786 | Third Party Advisory | |
| http://www.securitytracker.com/id/1040270 | Third Party Advisory | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1420049 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://usn.ubuntu.com/3544-1 | 2018-06-25 | |
| https://www.mozilla.org/security/advisories/mfsa2018-02 | 2018-06-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 57.0.4 Search vendor "Mozilla" for product "Firefox" and version " <= 57.0.4" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 17.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.10" | - |
Affected
| ||||||