1. CVE-Search
  2. CVE-2018-12393
ID CVE-2018-12393
Summary A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:60.0:*:*:*:*:*:x86:*
    cpe:2.3:a:mozilla:firefox:60.0:*:*:*:*:*:x86:*
  • cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:x86:*
    cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:x86:*
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:x86:*
    cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:x86:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1642183
    title CVE-2018-12393 Mozilla: Integer overflow during Unicode conversion while loading JavaScript
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment thunderbird is earlier than 0:60.3.0-1.el6
        oval oval:com.redhat.rhsa:tst:20183531001
      • comment thunderbird is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100896002
    rhsa
    id RHSA-2018:3531
    released 2018-11-09
    severity Important
    title RHSA-2018:3531: thunderbird security update (Important)
  • bugzilla
    id 1642183
    title CVE-2018-12393 Mozilla: Integer overflow during Unicode conversion while loading JavaScript
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • comment thunderbird is earlier than 0:60.3.0-1.el7_5
        oval oval:com.redhat.rhsa:tst:20183532001
      • comment thunderbird is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100896002
    rhsa
    id RHSA-2018:3532
    released 2018-11-09
    severity Important
    title RHSA-2018:3532: thunderbird security update (Important)
  • rhsa
    id RHSA-2018:3005
  • rhsa
    id RHSA-2018:3006
rpms
  • firefox-0:60.3.0-1.el7_5
  • firefox-debuginfo-0:60.3.0-1.el7_5
  • firefox-0:60.3.0-1.el6
  • firefox-debuginfo-0:60.3.0-1.el6
  • thunderbird-0:60.3.0-1.el6
  • thunderbird-debuginfo-0:60.3.0-1.el6
  • thunderbird-0:60.3.0-1.el7_5
  • thunderbird-debuginfo-0:60.3.0-1.el7_5
refmap via4
bid
  • 105718
  • 105769
confirm
debian
  • DSA-4324
  • DSA-4337
gentoo
  • GLSA-201811-04
  • GLSA-201811-13
mlist
  • [debian-lts-announce] 20181107 [SECURITY] [DLA 1571-1] firefox-esr security update
  • [debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update
sectrack 1041944
ubuntu
  • USN-3801-1
  • USN-3868-1
Last major update 24-08-2020 - 17:37
Published 28-02-2019 - 18:29
Last modified 24-08-2020 - 17:37
Back to Top