Release Security Updates (December 21, 2018)

Ref# Mozilla | Date: Jan 20th 2019


The Mozilla foundation has released several security vulnerability fixes for Firefox 64 and Firefox ESR 60.4. These vulnerabilities include 2 critical, 5 high, 3 moderate and 1 low rated impact.

The vulnerabilities addressed with these security updates are: 

  • Memory safety bugs fixed in Firefox 64 (CVE-2018-12406)

  • Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)

  • Buffer overflow with ANGLE library when using vertexBuffer11 module (CVE-2018-12407)

  • Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18793)

  • Same-orgin policy violation using location attribute and performance.getEntries to steal cross-origin URLs

  • Integer overflow when calculating buffer sizes for images (CVE-2018-18498)


Mozilla Foundation Security