CVE-2018-12385

high

Description

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2.

References

https://www.mozilla.org/security/advisories/mfsa2018-25/

https://www.mozilla.org/security/advisories/mfsa2018-23/

https://www.mozilla.org/security/advisories/mfsa2018-22/

https://www.debian.org/security/2018/dsa-4327

https://www.debian.org/security/2018/dsa-4304

https://usn.ubuntu.com/3793-1/

https://usn.ubuntu.com/3778-1/

https://security.gentoo.org/glsa/201811-13

https://security.gentoo.org/glsa/201810-01

https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1490585

https://access.redhat.com/errata/RHSA-2018:3458

https://access.redhat.com/errata/RHSA-2018:3403

https://access.redhat.com/errata/RHSA-2018:2835

https://access.redhat.com/errata/RHSA-2018:2834

http://www.securitytracker.com/id/1041701

http://www.securitytracker.com/id/1041700

http://www.securityfocus.com/bid/105380

Details

Source: Mitre, NVD

Published: 2018-10-18

Updated: 2018-12-06

Risk Information

CVSS v2

Base Score: 4.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High