Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-12359

A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Related bugs and status

CVE-2018-12359 (Candidate) is related to these bugs:

Bug #1791477: Thunderbird Multiple Security Vulnerabilities

Summary				In	Importance	Status
	1791477	Thunderbird Multiple Security Vulnerabilities		thunderbird (Ubuntu)	Undecided	New

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.mozil...
CONFIRM: https://www.mozilla.or...
CONFIRM: https://www.mozilla.or...
CONFIRM: https://www.mozilla.or...
CONFIRM: https://www.mozilla.or...
CONFIRM: https://www.mozilla.or...
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...
DEBIAN: DSA-4235
DEBIAN: DSA-4244
REDHAT: RHSA-2018:2112
REDHAT: RHSA-2018:2113
REDHAT: RHSA-2018:2251
REDHAT: RHSA-2018:2252
UBUNTU: USN-3705-1
UBUNTU: USN-3714-1
BID: 104555
SECTRACK: 1041193
GENTOO: GLSA-201810-01
GENTOO: GLSA-201811-13