vulnerability
SUSE: CVE-2018-12386: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Oct 2, 2018 | Oct 5, 2018 | Oct 22, 2021 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Oct 2, 2018
Added
Oct 5, 2018
Modified
Oct 22, 2021
Description
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
Solutions
suse-upgrade-apache2-mod_nsssuse-upgrade-libfreebl3suse-upgrade-libfreebl3-32bitsuse-upgrade-libfreebl3-hmacsuse-upgrade-libfreebl3-hmac-32bitsuse-upgrade-libsoftokn3suse-upgrade-libsoftokn3-32bitsuse-upgrade-libsoftokn3-hmacsuse-upgrade-libsoftokn3-hmac-32bitsuse-upgrade-mozilla-nsprsuse-upgrade-mozilla-nspr-32bitsuse-upgrade-mozilla-nspr-develsuse-upgrade-mozilla-nsssuse-upgrade-mozilla-nss-32bitsuse-upgrade-mozilla-nss-certssuse-upgrade-mozilla-nss-certs-32bitsuse-upgrade-mozilla-nss-develsuse-upgrade-mozilla-nss-sysinitsuse-upgrade-mozilla-nss-sysinit-32bitsuse-upgrade-mozilla-nss-toolssuse-upgrade-mozillafirefoxsuse-upgrade-mozillafirefox-branding-slesuse-upgrade-mozillafirefox-branding-upstreamsuse-upgrade-mozillafirefox-buildsymbolssuse-upgrade-mozillafirefox-develsuse-upgrade-mozillafirefox-translations-commonsuse-upgrade-mozillafirefox-translations-other
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.