vulnerability
Oracle Solaris 11: CVE-2018-5168: Vulnerability in Firefox, Thunderbird
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Jun 11, 2018 | Jun 18, 2018 | Feb 1, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Jun 11, 2018
Added
Jun 18, 2018
Modified
Feb 1, 2022
Description
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Solutions
oracle-solaris-11-3-upgrade-mail-thunderbird-52-8-0-0-175-3-33-0-4-0oracle-solaris-11-3-upgrade-mail-thunderbird-plugin-thunderbird-lightning-52-8-0-0-175-3-33-0-4-0oracle-solaris-11-3-upgrade-web-browser-firefox-52-8-0-0-175-3-33-0-4-0oracle-solaris-11-3-upgrade-web-browser-firefox-plugin-firefox-java-52-8-0-0-175-3-33-0-4-0oracle-solaris-11-3-upgrade-web-data-firefox-bookmarks-52-8-0-0-175-3-33-0-4-0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.