{"id":"MGASA-2018-0483","summary":"Updated firefox packages fix security vulnerabilities","details":"A buffer overflow and out-of-bounds read can occur in TextureStorage11\nwithin the ANGLE graphics library, used for WebGL content. This results\nin a potentially exploitable crash (CVE-2018-17466).\n\nA use-after-free vulnerability can occur after deleting a selection\nelement due to a weak reference to the select element in the options\ncollection. This results in a potentially exploitable crash\n(CVE-2018-18492).\n\nA buffer overflow can occur in the Skia library during buffer offset\ncalculations with hardware accelerated canvas 2D actions due to the use\nof 32-bit calculations instead of 64-bit. This results in a potentially\nexploitable crash (CVE-2018-18493).\n\nA same-origin policy violation allowing the theft of cross-origin URL\nentries when using the Javascript location property to cause a\nredirection to another site using performance.getEntries(). This is a\nsame-origin policy violation and could allow for data theft\n(CVE-2018-19494).\n\nA potential vulnerability leading to an integer overflow can occur during\nbuffer size calculations for images when a raw value is used instead of\nthe checked value. This leads to a possible out-of-bounds write\n(CVE-2018-18498).\n\nMemory safety bugs present in Firefox ESR 60.3, some of which showed\nevidence of memory corruption and we presume that with enough effort\nthat some of these could be exploited to run arbitrary code\n(CVE-2018-12405).\n","modified":"2026-02-01T00:22:00.742743Z","published":"2018-12-15T21:29:48Z","related":["CVE-2018-12405","CVE-2018-17466","CVE-2018-18492","CVE-2018-18493","CVE-2018-18494","CVE-2018-18498"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0483.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23991"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/"}],"affected":[{"package":{"name":"firefox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"60.4.0-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0483.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"60.4.0-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0483.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}