Vulnerability Advisory on Linux Gentoo – Mozilla Firefox

by taranis

Advisory ID: BGD-2019-0002

Version: 1.01

Probability: medium

Damage: high

Publication date: 2019-03-11

Description: Multiple vulnerabilities have been discovered in Mozilla Firefox.
Please review the CVE identifiers referenced below for details.

Impact: A remote attacker could entice a user to view a specially crafted web page possibly resulting in the execution of arbitrary code with the privileges of the process or cause a Denial of Service condition.

Product(s) affected:

• All Linux distributions

Platform(s) affected:

• Huawei 5310HI Firmware
• Huawei 5700HI Firmware
• Linux Gentoo

Mitigation: All Mozilla FireFox users should upgrade to the latest version:

# emerge –sync
# emerge –ask –oneshot –verbose ">=www-client/firefox-60.5.1"

All Mozilla FireFox bin users should upgrade to the latest version:

# emerge –sync
# emerge –ask –oneshot –verbose ">=www-client/firefox-bin-60.5.1"

Administrators are advised to update the affected systems without delay.

Reference URL’s:

• [ 7 ] CVE-2018-18500
• [ 8 ] CVE-2018-18501
• [ 6 ] CVE-2018-18498
• https://nvd.nist.gov/vuln/detail/CVE-2018-18494
• https://nvd.nist.gov/vuln/detail/CVE-2018-12405
• https://nvd.nist.gov/vuln/detail/CVE-2018-18493
• https://www.linuxsecurity.com/advisories/gentoo/gentoo-glsa-201903-04-mozilla-firefox-multiple-vulnerabilities?rss
• [ 4 ] CVE-2018-18493
• [ 3 ] CVE-2018-18492
• https://nvd.nist.gov/vuln/detail/CVE-2018-18492
• https://nvd.nist.gov/vuln/detail/CVE-2018-18501
• [ 5 ] CVE-2018-18494
• https://nvd.nist.gov/vuln/detail/CVE-2018-18500
• [ 9 ] CVE-2018-18505
• [ 1 ] CVE-2018-12405
• https://nvd.nist.gov/vuln/detail/CVE-2018-18356
• https://nvd.nist.gov/vuln/detail/CVE-2019-5785
• https://nvd.nist.gov/vuln/detail/CVE-2018-18505
• https://nvd.nist.gov/vuln/detail/CVE-2018-18498
• [ 10 ] CVE-2019-5785
• [ 2 ] CVE-2018-18356

taranis