Integer Overflow Vulnerability in 32-bit Builds of Firefox and Thunderbird

Integer Overflow Vulnerability in 32-bit Builds of Firefox and Thunderbird

CVE-2018-12393 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

Learn more about our Internal Network Penetration Testing.