CVE-2018-12368 - Unspecified vulnerability in Mozilla Firefox
Summary
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
Vulnerable Configurations
Nessus
NASL family: SuSE Local Security Checks
NASL id: SUSE_SU-2018-2322-2.NASL
description: This update for MozillaFirefox to version ESR 52.9 fixes the following issues :
CVE-2018-5188: Various memory safety bugs (bsc#1098998)
CVE-2018-12368: No warning when opening executable SettingContent-ms files
CVE-2018-12366: Invalid data handling during QCMS transformations
CVE-2018-12365: Compromised IPC child process can list local filenames
CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
CVE-2018-12363: Use-after-free when appending DOM nodes
CVE-2018-12362: Integer overflow in SSSE3 scaler
CVE-2018-12360: Use-after-free when using focus()
CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
CVE-2018-12359: Buffer overflow using computed size of canvas element
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 118279
published: 2018-10-22
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/118279
title: SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:2322-2)
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:2322-2.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(118279);
  script_version("1.5");
  script_cvs_date("Date: 2019/09/10 13:51:48");

  script_cve_id("CVE-2018-12359", "CVE-2018-12360", "CVE-2018-12362", "CVE-2018-12363", "CVE-2018-12364", "CVE-2018-12365", "CVE-2018-12366", "CVE-2018-12368", "CVE-2018-5156", "CVE-2018-5188");

  script_name(english:"SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:2322-2)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for MozillaFirefox to version ESR 52.9 fixes the
following issues :

CVE-2018-5188: Various memory safety bugs (bsc#1098998)
CVE-2018-12368: No warning when opening executable SettingContent-ms files
CVE-2018-12366: Invalid data handling during QCMS transformations
CVE-2018-12365: Compromised IPC child process can list local filenames
CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
CVE-2018-12363: Use-after-free when appending DOM nodes
CVE-2018-12362: Integer overflow in SSSE3 scaler
CVE-2018-12360: Use-after-free when using focus()
CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
CVE-2018-12359: Buffer overflow using computed size of canvas element

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1098998");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12359/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12360/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12362/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12363/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12364/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12365/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12366/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12368/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-5156/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-5188/");
  # https://www.suse.com/support/update/announcement/2018/suse-su-20182322-2/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c41edc0d");
  script_set_attribute(
    attribute:"solution",
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-BCL-2018-1560=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/10/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/22");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);

flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-devel-52.9.0esr-109.38.2")) flag++;

if (flag)
{
  set_kb_item(name:'www/0/XSRF', value:TRUE);
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox");
}
```

NASL family: MacOS X Local Security Checks
NASL id: MACOSX_FIREFOX_52_9_ESR.NASL
description: The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.9. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable crashes.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 110807
published: 2018-06-29
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/110807
title: Mozilla Firefox ESR < 52.9 Multiple Vulnerabilities (macOS)
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110807);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/04");

  script_cve_id(
    "CVE-2018-5156",
    "CVE-2018-5188",
    "CVE-2018-12359",
    "CVE-2018-12360",
    "CVE-2018-12362",
    "CVE-2018-12363",
    "CVE-2018-12364",
    "CVE-2018-12365",
    "CVE-2018-12366",
    "CVE-2018-12368"
  );
  script_bugtraq_id(
    104246,
    104555,
    104558,
    104560,
    104561,
    104562
  );
  script_xref(name:"MFSA", value:"2018-17");

  script_name(english:"Mozilla Firefox ESR < 52.9 Multiple Vulnerabilities (macOS)");
  script_summary(english:"Checks the version of Firefox.");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.9. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable crashes.");
  # https://www.mozilla.org/en-US/security/advisories/mfsa2018-17
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6cdf2a20");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Firefox ESR version 52.9 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-12368");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox_esr");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_firefox_installed.nasl");
  script_require_keys("MacOSX/Firefox/Version");

  exit(0);
}

include("mozilla_version.inc");

kb_base = "MacOSX/Firefox";
get_kb_item_or_exit(kb_base+"/Installed");

version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);

is_esr = get_kb_item(kb_base+"/is_esr");
if (isnull(is_esr)) audit(AUDIT_NOT_INST, "Mozilla Firefox ESR");

mozilla_check_version(version:version, path:path, product:'firefox', esr:TRUE, fix:'52.9', min:'52', severity:SECURITY_HOLE);
```

NASL family: Windows
NASL id: MOZILLA_FIREFOX_52_9_ESR.NASL
description: The version of Mozilla Firefox ESR installed on the remote Windows host is prior to 52.9. It is, therefore, affected by multiple critical and high severity vulnerabilities.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 110809
published: 2018-06-29
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/110809
title: Mozilla Firefox ESR < 52.9 Multiple Critical Vulnerabilities
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110809);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/04");

  script_cve_id(
    "CVE-2018-5156",
    "CVE-2018-5188",
    "CVE-2018-12359",
    "CVE-2018-12360",
    "CVE-2018-12362",
    "CVE-2018-12363",
    "CVE-2018-12364",
    "CVE-2018-12365",
    "CVE-2018-12366",
    "CVE-2018-12368"
  );
  script_bugtraq_id(
    104246,
    104555,
    104558,
    104560,
    104561,
    104562
  );
  script_xref(name:"MFSA", value:"2018-17");

  script_name(english:"Mozilla Firefox ESR < 52.9 Multiple Critical Vulnerabilities");
  script_summary(english:"Checks the version of Firefox.");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote Windows host is affected by multiple critical and high severity vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Mozilla Firefox ESR installed on the remote Windows host is prior to 52.9. It is, therefore, affected by multiple critical and high severity vulnerabilities.");
  # https://www.mozilla.org/en-US/security/advisories/mfsa2018-17
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6cdf2a20");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Firefox ESR version 52.9 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-12368");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox_esr");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Firefox/Version");

  exit(0);
}

include("mozilla_version.inc");

port = get_kb_item("SMB/transport");
if (!port) port = 445;

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'52.9', min:'52', severity:SECURITY_HOLE);
```

NASL family: MacOS X Local Security Checks
NASL id: MACOSX_THUNDERBIRD_60_0.NASL
description: The version of Mozilla Thunderbird installed on the remote OSX host is prior to 60.0. It is, therefore, affected by multiple vulnerabilities.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 111980
published: 2018-08-20
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/111980
title: Mozilla Thunderbird < 60.0 Multiple Vulnerabilities (macOS)
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(111980);
  script_version("1.4");
  script_cvs_date("Date: 2019/11/04");

  script_cve_id(
    "CVE-2018-5156",
    "CVE-2018-5187",
    "CVE-2018-5188",
    "CVE-2018-12359",
    "CVE-2018-12360",
    "CVE-2018-12361",
    "CVE-2018-12362",
    "CVE-2018-12363",
    "CVE-2018-12364",
    "CVE-2018-12365",
    "CVE-2018-12366",
    "CVE-2018-12367",
    "CVE-2018-12368",
    "CVE-2018-12371"
  );
  script_bugtraq_id(
    104555,
    104556,
    104558,
    104560,
    104561
  );

  script_name(english:"Mozilla Thunderbird < 60.0 Multiple Vulnerabilities (macOS)");
  script_summary(english:"Checks the version of Thunderbird.");

  script_set_attribute(attribute:"synopsis", value:
"The remote macOS or Mac OS X host contains a mail client that is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Mozilla Thunderbird installed on the remote OSX host is prior to 60.0. It is, therefore, affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Thunderbird version 60.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-12368");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_thunderbird_installed.nasl");
  script_require_keys("MacOSX/Thunderbird/Version");

  exit(0);
}

include("mozilla_version.inc");

kb_base = "MacOSX/Thunderbird";
get_kb_item_or_exit(kb_base+"/Installed");

version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);

mozilla_check_version(version:version, path:path, product:'thunderbird', fix:'60.0', severity:SECURITY_HOLE);
```

NASL family: Windows
NASL id: MOZILLA_FIREFOX_61_0_0.NASL
description: The version of Mozilla Firefox installed on the remote Windows host is prior to 61. It is, therefore, affected by multiple critical and high severity vulnerabilities.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 110811
published: 2018-06-29
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/110811
title: Mozilla Firefox < 61 Multiple Critical Vulnerabilities
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110811);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/04");

  script_cve_id(
    "CVE-2018-5156",
    "CVE-2018-5186",
    "CVE-2018-5187",
    "CVE-2018-5188",
    "CVE-2018-12358",
    "CVE-2018-12359",
    "CVE-2018-12360",
    "CVE-2018-12361",
    "CVE-2018-12362",
    "CVE-2018-12363",
    "CVE-2018-12364",
    "CVE-2018-12365",
    "CVE-2018-12366",
    "CVE-2018-12367",
    "CVE-2018-12368",
    "CVE-2018-12369",
    "CVE-2018-12370",
    "CVE-2018-12371"
  );
  script_bugtraq_id(
    104246,
    104555,
    104556,
    104557,
    104558,
    104560,
    104561,
    104562
  );
  script_xref(name:"MFSA", value:"2018-15");

  script_name(english:"Mozilla Firefox < 61 Multiple Critical Vulnerabilities");
  script_summary(english:"Checks the version of Firefox.");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote Windows host is affected by multiple critical and high severity vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Mozilla Firefox installed on the remote Windows host is prior to 61. It is, therefore, affected by multiple critical and high severity vulnerabilities.");
  # https://www.mozilla.org/en-US/security/advisories/mfsa2018-15
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cf08db1a");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Firefox version 61.0.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-12368");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Firefox/Version");

  exit(0);
}

include("mozilla_version.inc");

port = get_kb_item("SMB/transport");
if (!port) port = 445;

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'61.0.0', severity:SECURITY_HOLE);
```

NASL family: SuSE Local Security Checks
NASL id: SUSE_SU-2018-2322-1.NASL
description: This update for MozillaFirefox to version ESR 52.9 fixes the following issues :
- CVE-2018-5188: Various memory safety bugs (bsc#1098998)
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12359: Buffer overflow using computed size of canvas element
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 111743
published: 2018-08-15
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/111743
title: SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:2322-1)
code:

```nasl
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:2322-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(111743);
  script_version("1.7");
  script_cvs_date("Date: 2019/09/10 13:51:48");

  script_cve_id("CVE-2018-12359", "CVE-2018-12360", "CVE-2018-12362", "CVE-2018-12363", "CVE-2018-12364", "CVE-2018-12365", "CVE-2018-12366", "CVE-2018-12368", "CVE-2018-5156", "CVE-2018-5188");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:2322-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for MozillaFirefox to version ESR 52.9 fixes the
following issues :

  - CVE-2018-5188: Various memory safety bugs (bsc#1098998)
  - CVE-2018-12368: No warning when opening executable SettingContent-ms files
  - CVE-2018-12366: Invalid data handling during QCMS transformations
  - CVE-2018-12365: Compromised IPC child process can list local filenames
  - CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
  - CVE-2018-12363: Use-after-free when appending DOM nodes
  - CVE-2018-12362: Integer overflow in SSSE3 scaler
  - CVE-2018-12360: Use-after-free when using focus()
  - CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
  - CVE-2018-12359: Buffer overflow using computed size of canvas element

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1098998");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12359/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12360/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12362/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12363/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12364/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12365/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12366/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12368/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-5156/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-5188/");
  # https://www.suse.com/support/update/announcement/2018/suse-su-20182322-1/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5bfbc39e");
  script_set_attribute(
    attribute:"solution",
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 7:zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1560=1
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1560=1
SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1560=1
SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1560=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1560=1
SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1560=1
SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1560=1
SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2018-1560=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1560=1
SUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2018-1560=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0|1|2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0/1/2/3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp);

flag = 0;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-devel-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-translations-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-devel-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-translations-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"MozillaFirefox-translations-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"MozillaFirefox-devel-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"MozillaFirefox-translations-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"MozillaFirefox-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"MozillaFirefox-debugsource-52.9.0esr-109.38.2")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"MozillaFirefox-translations-52.9.0esr-109.38.2")) flag++;

if (flag)
{
  set_kb_item(name:'www/0/XSRF', value:TRUE);
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox");
}
```

NASL family MacOS X Local Security Checks
NASL id MACOSX_FIREFOX_60_1_ESR.NASL
description The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.1. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable crashes.
last seen 2020-06-01
modified 2020-06-02
plugin id 110808
published 2018-06-29
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/110808
title Mozilla Firefox ESR < 60.1 Multiple Vulnerabilities (macOS)

NASL family Gentoo Local Security Checks
NASL id GENTOO_GLSA-201810-01.NASL
description The remote host is affected by the vulnerability described in GLSA-201810-01 (Mozilla Firefox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the referenced CVE identifiers for details.
Impact : A remote attacker could entice a user to view a specially crafted web page, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact.
Workaround : There is no known workaround at this time.
last seen 2020-06-01
modified 2020-06-02
plugin id 117894
published 2018-10-03
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/117894
title GLSA-201810-01 : Mozilla Firefox: Multiple vulnerabilities

NASL family Windows
NASL id MOZILLA_THUNDERBIRD_52_9.NASL
description The version of Mozilla Thunderbird installed on the remote Windows host is prior to 52.9. It is, therefore, affected by multiple vulnerabilities.
last seen 2020-06-01
modified 2020-06-02
plugin id 111044
published 2018-07-12
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/111044
title Mozilla Thunderbird < 52.9 Multiple Vulnerabilities

NASL family Windows
NASL id MOZILLA_FIREFOX_60_1_ESR.NASL
description The version of Mozilla Firefox ESR installed on the remote Windows host is prior to 60.1. It is, therefore, affected by multiple critical and high severity vulnerabilities.
last seen 2020-06-01
modified 2020-06-02
plugin id 110810
published 2018-06-29
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/110810
title Mozilla Firefox ESR < 60.1 Multiple Critical Vulnerabilities

NASL family SuSE Local Security Checks
NASL id SUSE_SU-2018-2298-1.NASL
description This update for MozillaFirefox to the 52.9 ESR release fixes the following issues: These security issues were fixed :
- Firefox ESR 52.9 :
  - CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 (bsc#1098998).
  - CVE-2018-12368 No warning when opening executable SettingContent-ms files (bsc#1098998).
  - CVE-2018-12366 Invalid data handling during QCMS transformations (bsc#1098998).
  - CVE-2018-12365 Compromised IPC child process can list local filenames (bsc#1098998).
  - CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins (bsc#1098998).
  - CVE-2018-12363 Use-after-free when appending DOM nodes (bsc#1098998).
  - CVE-2018-12362 Integer overflow in SSSE3 scaler (bsc#1098998).
  - CVE-2018-12360 Use-after-free when using focus() (bsc#1098998).
  - CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture (bsc#1098998).
  - CVE-2018-12359 Buffer overflow using computed size of canvas element (bsc#1098998).
- Firefox ESR 52.8 :
  - CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449).
  - CVE-2018-5183: Backport critical security fixes in Skia (bsc#1092548).
  - CVE-2018-5154: Use-after-free with SVG animations and clip paths (bsc#1092548).
  - CVE-2018-5155: Use-after-free with SVG animations and text paths (bsc#1092548).
  - CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files (bsc#1092548).
  - CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer (bsc#1092548).
  - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia (bsc#1092548).
  - CVE-2018-5168: Lightweight themes can be installed without user interaction (bsc#1092548).
  - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (bsc#1092548).
  - CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (bsc#1092548).
The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2020-03-19
modified 2019-01-02
plugin id 120074
published 2019-01-02
reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/120074
title SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2018:2298-1)

NASL family FreeBSD Local Security Checks
NASL id FREEBSD_PKG_CD81806C26E74D4A842502724A2F48AF.NASL
description Mozilla Foundation reports :
- CVE-2018-12359: Buffer overflow using computed size of canvas element
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-12361: Integer overflow in SwizzleData
- CVE-2018-12358: Same-origin bypass using service worker and redirection
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12371: Integer overflow in Skia library during edge builder allocation
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments
- CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View
- CVE-2018-5186: Memory safety bugs fixed in Firefox 61
- CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
- CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
last seen 2020-06-01
modified 2020-06-02
plugin id 110700
published 2018-06-27
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/110700
title FreeBSD : mozilla -- multiple vulnerabilities (cd81806c-26e7-4d4a-8425-02724a2f48af)

NASL family MacOS X Local Security Checks
NASL id MACOS_FIREFOX_61_0_0.NASL
description The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 61. It is, therefore, affected by multiple critical and high severity vulnerabilities.
last seen 2020-06-01
modified 2020-06-02
plugin id 110806
published 2018-06-29
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/110806
title Mozilla Firefox < 61 Multiple Critical Vulnerabilities (macOS)

NASL family Windows
NASL id MOZILLA_THUNDERBIRD_60_0.NASL
description The version of Mozilla Thunderbird installed on the remote Windows host is prior to 60.0. It is, therefore, affected by multiple vulnerabilities.
last seen 2020-06-01
modified 2020-06-02
plugin id 111981
published 2018-08-20
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/111981
title Mozilla Thunderbird < 60.0 Multiple Vulnerabilities

NASL family MacOS X Local Security Checks
NASL id MACOSX_THUNDERBIRD_52_9.NASL
description The version of Mozilla Thunderbird installed on the remote OSX host is prior to 52.9. It is, therefore, affected by multiple vulnerabilities.
last seen 2020-06-01
modified 2020-06-02
plugin id 111043
published 2018-07-12
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/111043
title Mozilla Thunderbird < 52.9 Multiple Vulnerabilities (macOS)

NASL family SuSE Local Security Checks
NASL id SUSE_SU-2018-2325-1.NASL
description This update for MozillaFirefox to version ESR 52.9 fixes the following issues :
- CVE-2018-5188: Various memory safety bugs (bsc#1098998)
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12359: Buffer overflow using computed size of canvas element
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2020-06-01
modified 2020-06-02
plugin id 111745
published 2018-08-15
reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/111745
title SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2018:2325-1)

References
- https://www.mozilla.org/security/advisories/mfsa2018-19/
- https://www.mozilla.org/security/advisories/mfsa2018-18/
- https://www.mozilla.org/security/advisories/mfsa2018-17/
- https://www.mozilla.org/security/advisories/mfsa2018-16/
- https://www.mozilla.org/security/advisories/mfsa2018-15/
- https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39
- https://bugzilla.mozilla.org/show_bug.cgi?id=1468217
- http://www.securitytracker.com/id/1041193
- http://www.securityfocus.com/bid/104560
- https://security.gentoo.org/glsa/201810-01