vulnerability

Ubuntu: (Multiple Advisories) (CVE-2018-12365): Firefox vulnerabilities

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jun 26, 2018
Added
Jul 12, 2018
Modified
Mar 27, 2026

Description

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Solutions

ubuntu-upgrade-firefoxubuntu-upgrade-thunderbird

References

    Title
    Rapid7 Labs

    2026 Global Threat Landscape Report

    The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.