 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2018-12387 |
| Description: | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.13.2018.276.01 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-12387 BugTraq ID: 105460 http://www.securityfocus.com/bid/105460 Debian Security Information: DSA-4310 (Google Search) https://www.debian.org/security/2018/dsa-4310 https://security.gentoo.org/glsa/201810-01 RedHat Security Advisories: RHSA-2018:2881 https://access.redhat.com/errata/RHSA-2018:2881 RedHat Security Advisories: RHSA-2018:2884 https://access.redhat.com/errata/RHSA-2018:2884 http://www.securitytracker.com/id/1041770 https://usn.ubuntu.com/3778-1/ |