CVE-2018-18511 - OpenCVE

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Firefox

Configuration 1 [-]

cpe:2.3:a:mozilla:firefox:65.0:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html
https://access.redhat.com/errata/RHSA-2019:1265
https://access.redhat.com/errata/RHSA-2019:1267
https://access.redhat.com/errata/RHSA-2019:1269
https://access.redhat.com/errata/RHSA-2019:1308
https://access.redhat.com/errata/RHSA-2019:1309
https://access.redhat.com/errata/RHSA-2019:1310
https://bugzilla.mozilla.org/show_bug.cgi?id=1526218	Issue Tracking Permissions Required Vendor Advisory
https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html
https://seclists.org/bugtraq/2019/May/56
https://seclists.org/bugtraq/2019/May/59
https://seclists.org/bugtraq/2019/May/67
https://usn.ubuntu.com/3997-1/
https://www.debian.org/security/2019/dsa-4448
https://www.debian.org/security/2019/dsa-4451
https://www.mozilla.org/security/advisories/mfsa2019-04/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2019-04-26T16:13:22

Updated: 2019-06-28T14:06:06

Reserved: 2018-10-19T00:00:00

Link: CVE-2018-18511

JSON object: View

NVD Information

Status : Modified

Published: 2019-04-26T17:29:00.447

Modified: 2019-06-10T15:29:00.307

Link: CVE-2018-18511

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "65.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1."}], "problemTypes": [{"descriptions": [{"description": "Cross-origin theft of images with ImageBitmapRenderingContext", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-06-28T14:06:06", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-04/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218"}, {"name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/56"}, {"name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/59"}, {"name": "DSA-4448", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4448"}, {"name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"name": "RHSA-2019:1265", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"name": "RHSA-2019:1267", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"name": "RHSA-2019:1269", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"name": "DSA-4451", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4451"}, {"name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/67"}, {"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"name": "USN-3997-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3997-1/"}, {"name": "openSUSE-SU-2019:1484", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"name": "RHSA-2019:1310", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"name": "RHSA-2019:1308", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"name": "RHSA-2019:1309", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"name": "openSUSE-SU-2019:1534", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"name": "openSUSE-SU-2019:1664", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2018-18511", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "65.0.1"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-origin theft of images with ImageBitmapRenderingContext"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2019-04/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-04/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218"}, {"name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/56"}, {"name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/59"}, {"name": "DSA-4448", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4448"}, {"name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"name": "RHSA-2019:1265", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"name": "RHSA-2019:1267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"name": "RHSA-2019:1269", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"name": "DSA-4451", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4451"}, {"name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/67"}, {"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"name": "USN-3997-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3997-1/"}, {"name": "openSUSE-SU-2019:1484", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"name": "RHSA-2019:1310", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"name": "RHSA-2019:1308", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"name": "RHSA-2019:1309", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"name": "openSUSE-SU-2019:1534", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"name": "openSUSE-SU-2019:1664", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2018-18511", "datePublished": "2019-04-26T16:13:22", "dateReserved": "2018-10-19T00:00:00", "dateUpdated": "2019-06-28T14:06:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:65.0:*:*:*:*:*:*:*", "matchCriteriaId": "C12FFDC7-6322-4EA0-9F56-B7A8816F195C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1."}, {"lang": "es", "value": "Las im\u00e1genes de origen cruzado pueden leerse desde un elemento Canvas en violaci\u00f3n de la pol\u00edtica del mismo origen usando el m\u00e9todo transferFromImageBitmap. * Nota: Esto solo afecta a Firefox versi\u00f3n 65. Las versiones anteriores no est\u00e1n afectadas. *. Esta vulnerabilidad afecta a Firefox < a la versi\u00f3n 65.0.1."}], "id": "CVE-2018-18511", "lastModified": "2019-06-10T15:29:00.307", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-26T17:29:00.447", "references": [{"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218"}, {"source": "security@mozilla.org", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"source": "security@mozilla.org", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/56"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/59"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/67"}, {"source": "security@mozilla.org", "url": "https://usn.ubuntu.com/3997-1/"}, {"source": "security@mozilla.org", "url": "https://www.debian.org/security/2019/dsa-4448"}, {"source": "security@mozilla.org", "url": "https://www.debian.org/security/2019/dsa-4451"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-04/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}