CVE-2018-12361
Vulnerability from cvelistv5
Published
2018-10-18 13:00
Modified
2024-08-05 08:31
Severity ?
EPSS score ?
Summary
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Mozilla | Thunderbird | |
Mozilla | Firefox ESR | |
Mozilla | Firefox |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:31:00.338Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201810-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201810-01" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/" }, { "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" }, { "name": "GLSA-201811-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201811-13" }, { "name": "DSA-4295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4295" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/" }, { "name": "1041193", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041193" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244" }, { "name": "104558", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104558" }, { "name": "USN-3705-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3705-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "60", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "60.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "61", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2018-06-26T00:00:00", "descriptions": [ { "lang": "en", "value": "An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer overflow in SwizzleData", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-25T10:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "GLSA-201810-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201810-01" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/" }, { "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" }, { "name": "GLSA-201811-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201811-13" }, { "name": "DSA-4295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4295" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/" }, { "name": "1041193", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041193" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244" }, { "name": "104558", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104558" }, { "name": "USN-3705-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3705-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2018-12361", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "60" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "60.1" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "61" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer overflow in SwizzleData" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201810-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201810-01" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2018-15/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/" }, { "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" }, { "name": "GLSA-201811-13", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-13" }, { "name": "DSA-4295", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4295" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2018-16/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/" }, { "name": "1041193", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041193" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2018-19/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244" }, { "name": "104558", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104558" }, { "name": "USN-3705-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3705-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2018-12361", "datePublished": "2018-10-18T13:00:00", "dateReserved": "2018-06-14T00:00:00", "dateUpdated": "2024-08-05T08:31:00.338Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-12361\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2018-10-18T13:29:01.147\",\"lastModified\":\"2018-12-06T14:38:54.327\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61.\"},{\"lang\":\"es\",\"value\":\"Puede ocurrir un desbordamiento de enteros en el c\u00f3digo SwizzleData al calcular tama\u00f1os de b\u00fafer. El valor desbordado se emplea para posteriores c\u00e1lculos de gr\u00e1ficos cuando sus entradas no se sanean, lo que resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 60, Firefox ESR en versiones anteriores a la 60.1 y Firefox en versiones anteriores a la 61.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"61.0\",\"matchCriteriaId\":\"2F47E7EA-86AF-46A8-8E17-3360A8AE8492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"60.1\",\"matchCriteriaId\":\"C033F179-E43B-482A-9B61-AFC2F1F7327F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"60.0\",\"matchCriteriaId\":\"0FBD136C-202C-430B-876E-9D10972AA6C4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104558\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041193\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1463244\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-01\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201811-13\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3705-1/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4295\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-15/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-16/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-19/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.