When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
Acknowledgments: Name: the Mozilla project Upstream: Holger Fuhrmannek
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2692
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:2693
Statement: This flaw cannot be exploited through email in Thunderbird as scripting is disabled in this for email content. It may be possible to exploit through Feeds (Atom or RSS) or other browser-like contexts.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3403
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3458 https://access.redhat.com/errata/RHSA-2018:3458