A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write.
External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18498
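The bug class described above, as an added C example that is not Mozilla's code: one step of an image buffer size calculation is overflow-checked, but the final size comes from a raw multiplication that wraps. The function names, the 32-bit size type and the image dimensions are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; illustrates the bug class, not Mozilla's code. */

/* Checked 32-bit multiply: returns false instead of wrapping. */
bool checked_mul_u32(uint32_t a, uint32_t b, uint32_t *out) {
    uint64_t wide = (uint64_t)a * (uint64_t)b;
    if (wide > UINT32_MAX)
        return false;
    *out = (uint32_t)wide;
    return true;
}

/* Flawed: the row stride is checked, but the total size is then computed
 * with a raw multiplication that silently wraps modulo 2^32. */
uint32_t buggy_buffer_size(uint32_t width, uint32_t height, uint32_t bpp) {
    uint32_t stride;
    if (!checked_mul_u32(width, bpp, &stride))
        return 0;
    return stride * height; /* raw value: may wrap to a small number */
}

/* Hardened: every step uses the checked result; overflow rejects the image. */
bool safe_buffer_size(uint32_t width, uint32_t height, uint32_t bpp,
                      uint32_t *size) {
    uint32_t stride;
    return checked_mul_u32(width, bpp, &stride) &&
           checked_mul_u32(stride, height, size);
}

int main(void) {
    /* Constructed dimensions: the true size is 2^34 + 2^18 bytes. */
    uint32_t w = 65536, h = 65537, bpp = 4, size = 0;
    printf("raw size:     %u bytes\n", (unsigned)buggy_buffer_size(w, h, bpp));
    printf("checked size: %s\n",
           safe_buffer_size(w, h, bpp, &size) ? "accepted" : "rejected");
    return 0;
}
```

With the constructed dimensions, the raw calculation yields a buffer the size of a single row, so a decoder that writes every row would run past the end of the allocation; the checked path rejects the image instead.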
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:3831 https://access.redhat.com/errata/RHSA-2018:3831
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3833 https://access.redhat.com/errata/RHSA-2018:3833
Statement: In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:0159 https://access.redhat.com/errata/RHSA-2019:0159
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0160 https://access.redhat.com/errata/RHSA-2019:0160
Acknowledgments: Name: the Mozilla project Upstream: R (Zero Day LLC)