VDB
DEBIAN-CVE-2018-12386
DEBIAN-CVE-2018-12386
PUBLISHED
CVSS 8.100000381469727 HIGH
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
Risk Scores
CVSS v3.0
8.100000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | firefox-esr | 0, 0, 0 |
| Debian:11 | firefox-esr | 0, 0, 0 |
| Debian:14 | firefox-esr | 0, 0, 0 |
| Debian:12 | firefox-esr | 0, 0, 0 |
Timeline
- Oct 18, 2018 CVE Published
- Apr 28, 2026 CVE Updated