{"api_version":"1","generated_at":"2026-04-23T09:37:54+00:00","cve":"CVE-2018-12375","urls":{"html":"https://cve.report/CVE-2018-12375","api":"https://cve.report/api/cve/CVE-2018-12375.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-12375","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-12375"},"summary":{"title":"CVE-2018-12375","description":"Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.","state":"PUBLIC","assigner":"security@mozilla.org","published_at":"2018-10-18 13:29:00","updated_at":"2018-12-06 19:05:00"},"problem_types":["CWE-119"],"metrics":[],"references":[{"url":"https://usn.ubuntu.com/3761-1/","name":"USN-3761-1","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3761-1: Firefox vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-20/","name":"https://www.mozilla.org/security/advisories/mfsa2018-20/","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Security vulnerabilities fixed in Firefox 62 — Mozilla","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1041610","name":"1041610","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Mozilla Firefox Multiple Bugs Let Remote Users Spoof the Address Bar, Bypass Security Restrictions, and Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1478849%2C1433502%2C1480965%2C894215%2C1462693%2C1475431%2C1461027","name":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1478849%2C1433502%2C1480965%2C894215%2C1462693%2C1475431%2C1461027","refsource":"CONFIRM","tags":["Issue Tracking","Not Applicable","Vendor Advisory"],"title":"Bug List","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/105276","name":"105276","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Mozilla Firefox MFSA2018-20 Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-12375","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12375","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"firefox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"12375","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"firefox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2018-12375","qid":"690611","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for mozilla (c96d416a-eae7-4d5d-bc84-40deca9329fb)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@mozilla.org","ID":"CVE-2018-12375","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Firefox","version":{"version_data":[{"version_affected":"<","version_value":"62"}]}}]},"vendor_name":"Mozilla"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Memory safety bugs fixed in Firefox 62"}]}]},"references":{"reference_data":[{"name":"https://www.mozilla.org/security/advisories/mfsa2018-20/","refsource":"CONFIRM","url":"https://www.mozilla.org/security/advisories/mfsa2018-20/"},{"name":"1041610","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1041610"},{"name":"105276","refsource":"BID","url":"http://www.securityfocus.com/bid/105276"},{"name":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1478849%2C1433502%2C1480965%2C894215%2C1462693%2C1475431%2C1461027","refsource":"CONFIRM","url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1478849%2C1433502%2C1480965%2C894215%2C1462693%2C1475431%2C1461027"},{"name":"USN-3761-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3761-1/"}]}},"nvd":{"publishedDate":"2018-10-18 13:29:00","lastModifiedDate":"2018-12-06 19:05:00","problem_types":["CWE-119"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"62.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"12375","Ordinal":"128893","Title":"CVE-2018-12375","CVE":"CVE-2018-12375","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"12375","Ordinal":"1","NoteData":"Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"12375","Ordinal":"2","NoteData":"2018-10-18","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"12375","Ordinal":"3","NoteData":"2018-10-19","Type":"Other","Title":"Modified"}]}}}