Vulnerabilities > Mozilla > Firefox > 58

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5129 Out-of-bounds Write vulnerability in multiple products
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages.
network
low complexity
debian mozilla redhat canonical CWE-787
8.6
8.6
2018-06-11 CVE-2018-5128 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations.
network
low complexity
mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5127 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script.
network
low complexity
redhat debian canonical mozilla CWE-119
8.8
8.8
2018-06-11 CVE-2018-5126 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 58.
network
low complexity
mozilla canonical CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5125 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6.
network
low complexity
canonical redhat debian mozilla CWE-119
8.8
8.8
2018-06-11 CVE-2018-5117 If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL.
network
low complexity
debian redhat mozilla canonical
5.3
5.3
2018-06-11 CVE-2018-5104 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5103 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5102 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5099 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8