Oval Definition:oval:org.opensuse.security:def:201812369
Revision Date:2022-06-30Version:1
Title:CVE-2018-12369
Description:

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-12369
Mitre CVE-2018-12369
SUSE CVE-2018-12369
openSUSE-SU-2018:1833-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE CaaS Platform 4.0
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • MozillaFirefox-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox is signed with openSUSE key
  • OR
  • MozillaFirefox-branding-upstream-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox-branding-upstream is signed with openSUSE key
  • OR
  • MozillaFirefox-buildsymbols-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox-buildsymbols is signed with openSUSE key
  • OR
  • MozillaFirefox-devel-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox-devel is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-common-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox-translations-common is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-other-60.1.0-lp150.3.11 is installed
  • AND MozillaFirefox-translations-other is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • MozillaFirefox-60.1.0-106 is installed
  • AND MozillaFirefox is signed with openSUSE key
  • OR
  • MozillaFirefox-branding-upstream-60.1.0-106 is installed
  • AND MozillaFirefox-branding-upstream is signed with openSUSE key
  • OR
  • MozillaFirefox-buildsymbols-60.1.0-106 is installed
  • AND MozillaFirefox-buildsymbols is signed with openSUSE key
  • OR
  • MozillaFirefox-devel-60.1.0-106 is installed
  • AND MozillaFirefox-devel is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-common-60.1.0-106 is installed
  • AND MozillaFirefox-translations-common is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-other-60.1.0-106 is installed
  • AND MozillaFirefox-translations-other is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • MozillaFirefox-92.0-1.2 is installed
  • OR MozillaFirefox-branding-upstream-92.0-1.2 is installed
  • OR MozillaFirefox-devel-92.0-1.2 is installed
  • OR MozillaFirefox-translations-common-92.0-1.2 is installed
  • OR MozillaFirefox-translations-other-92.0-1.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox is affected
  • OR MozillaFirefox-devel is affected
  • OR MozillaFirefox-translations-common is affected
  • OR MozillaFirefox-translations-other is affected
    • Definition Synopsis
  • Release Information
  • SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND MozillaFirefox is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • MozillaFirefox is affected
  • OR MozillaFirefox-devel is affected
  • OR MozillaFirefox-translations-common is affected
  • OR MozillaFirefox-translations-other is affected
    • BACK