CVE-2018-12379

Impact:
Moderate
Public Date:
2018-09-05
CWE:
CWE-787
Bugzilla:
1625528: CVE-2018-12379 Mozilla: Out-of-bounds write with malicious MAR file

The MITRE CVE dictionary describes this issue as:

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

Find out more about CVE-2018-12379 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This flaw cannot be exploited through email in Thunderbird as scripting is disabled in this for email content. It may be possible to exploit through Feeds (Atom or RSS) or other browser-like contexts.

CVSS v3 metrics

CVSS3 Base Score 6.1
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Changed
Confidentiality Low
Integrity Impact Low
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (firefox) RHSA-2018:2693 2018-09-12
Red Hat Enterprise Linux 7 (firefox) RHSA-2018:2692 2018-09-12
Red Hat Enterprise Linux 7 (thunderbird) RHSA-2018:3458 2018-11-05
Red Hat Enterprise Linux 6 (thunderbird) RHSA-2018:3403 2018-10-30

Acknowledgements

Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Holger Fuhrmannek as the original reporter.

External References

Last Modified

CVE description copyright © 2017, The MITRE Corporation