5.3

CVE-2018-5165

Exploit

EPSS 0.77%
Published 11.06.2018 21:29:15
Last modified 21.11.2024 04:08:15
Source security@mozilla.org
Teams watchlist Login
Open Login

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox < 60.

Affected products Warnungen 0 Metrics 3 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox HwPlatformx86 Version < 60.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.77%	0.726

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://www.securitytracker.com/id/1040896

Third Party Advisory

VDB Entry

https://www.mozilla.org/security/advisories/mfsa2018-11/

Vendor Advisory

http://www.securityfocus.com/bid/104139

Third Party Advisory

VDB Entry

https://bugzilla.mozilla.org/show_bug.cgi?id=1451452

Patch

Vendor Advisory

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2018-5165

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-5165

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-5165

EUVD