Main Vulnerability Database Vulnerabilities #VU10193

Security restrictions bypass in Mozilla Firefox - CVE-2018-5110

Published: January 24, 2018

Vulnerability identifier: #VU10193

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-5110

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Mozilla

Affected software:
Mozilla Firefox

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to an error when the cursor visibility is toggled by script using from 'none' to an image and back through script. A remote attacker can bypass security restrictions and make the cursor temporarily invisible within Firefox.

How to mitigate CVE-2018-5110

Update to version 58.0.

Sources

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/

Security restrictions bypass in Mozilla Firefox - CVE-2018-5110

Detailed vulnerability description

How to mitigate CVE-2018-5110

Sources

Please verify you're human