CVE-2018-12365 (retired)

Priority
Description
A compromised IPC child process can escape the content sandbox and list the
names of arbitrary files on the file system without user consent or
interaction. This could result in exposure of private local files. This
vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR <
60.1, Firefox ESR < 52.9, and Firefox < 61.
Assigned-to
chrisccoulson
Package
Upstream:released (61.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (61.0+build3-0ubuntu0.16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (61.0+build3-0ubuntu0.18.04.1)
Package
Priority: Low
Upstream:released (52.9.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1:52.9.1+build3-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:52.9.1+build3-0ubuntu0.18.04.1)
More Information

Updated: 2019-08-23 09:28:38 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)