Vulncode-DB
  • Home
  • About
  • Deprecation
  • News
    Login/Register
  •  
  • Issues 
    File a bug Feature request
  • Slack
  • Twitter
Note:

This project will be discontinued after December 13, 2021. [more]

    CVE-2018-18492 (NVD)

    2019-02-28

    A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

    Products Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation
    Type Use After Free (CWE-416)
    First patch - None (likely due to unavailable code)
    Links • https://www.debian.org/security/2019/dsa-4362
    • https://access.redhat.com/errata/RHSA-2019:0159
    • https://lists.debian.org/debian-lts-announce/2018/12/msg00002.html
    • https://access.redhat.com/errata/RHSA-2018:3833
    • https://www.debian.org/security/2018/dsa-4354
    More/Less (10)
    • http://www.securityfocus.com/bid/106168
    • https://www.mozilla.org/security/advisories/mfsa2018-31/
    • https://access.redhat.com/errata/RHSA-2019:0160
    • https://usn.ubuntu.com/3868-1/
    • https://bugzilla.mozilla.org/show_bug.cgi?id=1499861
    • https://www.mozilla.org/security/advisories/mfsa2018-29/
    • https://access.redhat.com/errata/RHSA-2018:3831
    • https://security.gentoo.org/glsa/201903-04
    • https://usn.ubuntu.com/3844-1/
    • https://www.mozilla.org/security/advisories/mfsa2018-30/

    Disclaimer: Vulncode-DB is not an officially supported Google product. Terms of Use
    See the vulncode-db repository for more information.


    Running version: bffd1467df54d98e5271ec977330365d5879b60d (2021-11-29 03:52:21)