CVE-2018-12385

MEDIUM

Description

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2.

References

http://www.securityfocus.com/bid/105380

http://www.securitytracker.com/id/1041700

http://www.securitytracker.com/id/1041701

https://access.redhat.com/errata/RHSA-2018:2834

https://access.redhat.com/errata/RHSA-2018:2835

https://access.redhat.com/errata/RHSA-2018:3403

https://access.redhat.com/errata/RHSA-2018:3458

https://bugzilla.mozilla.org/show_bug.cgi?id=1490585

https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html

https://security.gentoo.org/glsa/201810-01

https://security.gentoo.org/glsa/201811-13

https://usn.ubuntu.com/3778-1/

https://usn.ubuntu.com/3793-1/

https://www.debian.org/security/2018/dsa-4304

https://www.debian.org/security/2018/dsa-4327

https://www.mozilla.org/security/advisories/mfsa2018-22/

https://www.mozilla.org/security/advisories/mfsa2018-23/

https://www.mozilla.org/security/advisories/mfsa2018-25/

Details

Source: MITRE

Published: 2018-10-18

Updated: 2018-12-06

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3.0

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH