CVE-2018-5186

Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.

Published: Oct 18, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-5186
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	61.0
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	17.10	17.10.x
canonical / ubuntu_linux	18.04	18.04.x

http://www.securityfocus.com/bid/104557
http://www.securitytracker.com/id/1041193
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1464872%2C1463329%2C1419373%2C1412882%2C1413033%2C1444673%2C1454448%2C1453505%2C1438671
https://security.gentoo.org/glsa/201810-01
https://usn.ubuntu.com/3705-1/
https://www.mozilla.org/security/advisories/mfsa2018-15/

Vulnerability Database

290,020

CVE-2018-5186