Mozilla Firefox and Firefox ESR Multiple Unspecified Memory Corruption Vulnerabilities

Bugtraq ID:	104556
Class:	Unknown
CVE:	CVE-2018-5187
Remote:	Yes
Local:	No
Published:	Jun 26 2018 12:00AM
Updated:	Jun 26 2018 12:00AM
Credit:	Christian Holler, Sebastian Hengst, Nils Ohlmeier, Jon Coppeard, Randell Jesup, Ted Campbell, Gary Kwong, and Jean-Yves Avenard.
Vulnerable:	Mozilla Firefox ESR 60 Mozilla Firefox 60
Not Vulnerable:	Mozilla Firefox ESR 60.1 Mozilla Firefox 61

Mozilla Firefox and Firefox ESR Multiple Unspecified Memory Corruption Vulnerabilities

Mozilla Firefox and Firefox ESR are prone to multiple unspecified memory-corruption vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

These issues are fixed in:

Firefox ESR 60.1, and Firefox 61

Mozilla Firefox and Firefox ESR Multiple Unspecified Memory Corruption Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Mozilla Firefox and Firefox ESR Multiple Unspecified Memory Corruption Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Mozilla Firefox and Firefox ESR Multiple Unspecified Memory Corruption Vulnerabilities

References:

• Mozilla Firefox Homepage (Mozilla)
  
• Security vulnerabilities fixed in Firefox 61 (Mozilla)
  
• Security vulnerabilities fixed in Firefox ESR 60.1 (Mozilla)