Oval Definition:	oval:com.ubuntu.bionic:def:2018184990000000
Revision Date: 2019-02-28 Version: 1 Title: CVE-2018-18499 on Ubuntu 18.04 LTS (bionic) - medium. Description: A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-18499 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND Package Information firefox package in bionic was vulnerable but has been fixed (note: '62.0+build2-0ubuntu1'). OR mozjs38 package in bionic is affected and may need fixing. OR mozjs52 package in bionic is affected and may need fixing. OR thunderbird package in bionic was vulnerable but has been fixed (note: '1:60.2.1+build1-0ubuntu0.18.04.2').
BACK