Other IDs this deficiency may be known by:
|Date Last Modified
Version Specific Information:
|Cucumber 1.0 i686||fixed in palemoon-27.9.2-i686-1 |
|Cucumber 1.0 x86_64||fixed in palemoon-27.9.2-x86_64-1 |
|Cucumber 1.1 i686
||fixed in palemoon-27.9.2-i686-1 |
|Cucumber 1.1 x86_64
||fixed in palemoon-27.9.2-x86_64-1 |
Details from https://www.palemoon.org/releasenotes.shtml:
We changed the language strings for softblocked items so people will cry less
when we do our job.
(CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10.
(CVE-2018-5173) Fixed an issue in the Downloads panel improperly rendering some
Unicode characters, allowing for the file name to be spoofed. This
could be used to obscure the file extension of potentially executable
files from user view in the panel.
(CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a buffer
overflow and crash if it occurs.
(CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia library
resulting in possible out-of-bounds writes.
(CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating
attributes during SVG animations with clip paths.
(CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
vulnerability requires the use of a malicious or vulnerable extension
in order to occur.
Fixed several stability issues (crashes) and memory safety hazards.