The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability announce CVE-2018-5150 CVE-2018-5151 CVE-2018-5152

Firefox: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Firefox.
Severity of this bulletin: 4/4.
Number of vulnerabilities in this bulletin: 29.
Creation date: 09/05/2018.
Références of this threat: bulletinapr2018, CERTFR-2018-AVI-230, CVE-2018-5150, CVE-2018-5151, CVE-2018-5152, CVE-2018-5153, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5160, CVE-2018-5163, CVE-2018-5164, CVE-2018-5165, CVE-2018-5166, CVE-2018-5167, CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, CVE-2018-5174, CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5178, CVE-2018-5179, CVE-2018-5180, CVE-2018-5181, CVE-2018-5182, CVE-2018-5183, DLA-1376-1, DSA-4199-1, FEDORA-2018-3f177356b0, FEDORA-2018-5c92e2a4ad, FEDORA-2018-f00e9aa912, FEDORA-2019-7f7489dc8c, MFSA-2018-11, MFSA-2018-12, openSUSE-SU-2018:1212-1, RHSA-2018:1414-01, RHSA-2018:1415-01, SSA:2018-129-01, SSA:2019-247-01, SUSE-SU-2018:1319-1, SUSE-SU-2018:1334-1, SUSE-SU-2018:2298-1, SUSE-SU-2019:2872-1, USN-3645-1, USN-3645-2, USN-3688-1, VIGILANCE-VUL-26085.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of Firefox.
Full Vigil@nce bulletin... (Free trial)

This cybersecurity bulletin impacts software or systems such as Debian, Fedora, Firefox, SeaMonkey, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.

Our Vigil@nce team determined that the severity of this cybersecurity weakness is critical.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 29 vulnerabilities.

An attacker with a expert ability can exploit this computer vulnerability bulletin.

Solutions for this threat

Firefox: version 60.
The version 60 is fixed:
  https://www.mozilla.org/

Firefox: version 52.8.
The version 52.8 is fixed:
  https://www.mozilla.org/

Debian: new firefox-esr packages.
New packages are available:
  Debian 7: firefox-esr 52.8.0esr-1~deb7u1
  Debian 8: firefox-esr 52.8.0esr-1~deb8u1
  Debian 9: firefox-esr 52.8.0esr-1~deb9u1

Fedora 30: new seamonkey packages.
New packages are available:
  Fedora 30: seamonkey 2.49.5-1.fc30

Fedora: new firefox packages.
New packages are available:
  Fedora 27: firefox 60.0.1-1.fc27
  Fedora 28: firefox 60.0.1-1.fc28

openSUSE Leap 42.3: new MozillaFirefox packages.
New packages are available:
  openSUSE Leap 42.3: MozillaFirefox 52.8.0-89.1

Oracle Solaris: patch for third party software of April 2018 v3.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

RHEL: new firefox packages.
New packages are available:
  RHEL 6: firefox 52.8.0-1.el6_9
  RHEL 7: firefox 52.8.0-1.el7_5

SeaMonkey: version 2.49.5.
The version 2.49.5 is fixed:
  http://www.seamonkey-project.org/

Slackware: new mozilla-firefox packages.
New packages are available:
  Slackware 14.2: mozilla-firefox 52.8.0esr-*-1_slack14.2

Slackware: new seamonkey packages.
New packages are available:
  Slackware 14.2: seamonkey 2.49.5-*-1_slack14.2

SUSE LE 11 SP3/4: new MozillaFirefox packages.
New packages are available:
  SUSE LE 11 SP3: MozillaFirefox 52.8.0esr-72.32.1
  SUSE LE 11 SP4: MozillaFirefox 52.8.0esr-72.32.1

SUSE LE 12: new MozillaFirefox packages (18/05/2018).
New packages are available:
  SUSE LE 12 RTM: MozillaFirefox 52.8.0esr-109.31.2
  SUSE LE 12 SP1: MozillaFirefox 52.8.0esr-109.31.2
  SUSE LE 12 SP2: MozillaFirefox 52.8.0esr-109.31.2
  SUSE LE 12 SP3: MozillaFirefox 52.8.0esr-109.31.2

SUSE LE 12: new MozillaFirefox packages (31/10/2019).
New packages are available:
  SUSE LE 12 SP1: MozillaFirefox 68.2.0-109.95.2
  SUSE LE 12 SP2: MozillaFirefox 68.2.0-109.95.2
  SUSE LE 12 SP3: MozillaFirefox 68.2.0-109.95.2
  SUSE LE 12 SP4: MozillaFirefox 68.2.0-109.95.2
  SUSE LE 12 SP5: MozillaFirefox 68.2.0-109.95.2

SUSE LE 15: new MozillaFirefox packages.
New packages are available:
  SUSE LE 15 RTM: MozillaFirefox 52.9.0esr-3.7.12

Ubuntu: new firefox packages.
New packages are available:
  Ubuntu 18.04 LTS: firefox 60.0.1+build2-0ubuntu0.18.04.1
  Ubuntu 17.10: firefox 60.0.1+build2-0ubuntu0.17.10.1
  Ubuntu 16.04 LTS: firefox 60.0.1+build2-0ubuntu0.16.04.1
  Ubuntu 14.04 LTS: firefox 60.0.1+build2-0ubuntu0.14.04.1

Ubuntu: new libmozjs-52-0 packages.
New packages are available:
  Ubuntu 18.04 LTS: libmozjs-52-0 52.8.1-0ubuntu0.18.04.1
  Ubuntu 17.10: libmozjs-52-0 52.8.1-0ubuntu0.17.10.1
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides system vulnerability bulletins. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.