Home

CVE-2018-12387

Description

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
33.401

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2018-12386,CVE-2018-12387 are affected in Mozilla Firefox 62.0.2Windows
Vulnerabilities CVE-2018-12383,CVE-2018-12385,CVE-2018-12386,CVE-2018-12387 are affected in Firefox ESR for Mac 60.2.0Mac
Vulnerabilities CVE-2018-12383,CVE-2018-12385,CVE-2018-12386,CVE-2018-12387 are affected in Mozilla Firefox for Mac 60.2.0Mac
Vulnerabilities CVE-2018-12386,CVE-2018-12387 are affected in Mozilla Firefox for Mac 62.0.2Mac
firefox-esr security update(DSA-4310-1) firefox-esr_60.2.2esr-1~deb9u1_i386.debLinux
firefox-esr security update(DSA-4310-1) firefox-esr_60.2.2esr-1~deb9u1_amd64.debLinux
(RHSA-2018:2881) firefox security update firefox-60.2.2-1.el6.i686.rpmLinux
(RHSA-2018:2881) firefox security update firefox-60.2.2-1.el6.x86_64.rpmLinux
(RHSA-2018:2884) firefox security update firefox-60.2.2-1.el7_5.i686.rpmLinux
(RHSA-2018:2884) firefox security update firefox-60.2.2-1.el7_5.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-343015Mozilla Firefox (132.0.2)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234