CVE-2018-5146 Mozilla Firefox Multiple Vulnerabilities (mfsa2018-08)

漏洞类别:Local

漏洞等级:

漏洞信息

Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

Multiple vulnerabilities were reported in Mozilla Firefox:
CVE-2018-5146: Out of bounds memory write in libvorbis
CVE-2018-5147: Out of bounds memory write in libtremor

Affected Versions:
Firefox prior to 59.0.1
Firefox ESR prior to 52.7.2

QID Detection Logic (Authenticated)
This QID checks for vulnerable versions of Firefox browser.

漏洞危害

Successful exploitation allows attacker to gain access to sensitive information.

解决方案

Refer to mfsa2018-08

Patch:
Following are links for downloading patches to fix the vulnerabilities:

mfsa2018-08: Windows

mfsa2018-08: MAC

Leave a Reply