WebExtensions are a new type of add-on that allows for more functionality than traditional add-ons, such as the ability to run background scripts. This functionality is provided by Google through the WebExtensions API.
A vulnerability was found in the way that certain types of add-ons interact with the WebExtensions API. This could lead to add-ons unintentionally leaking information, incorrect information being communicated, or potentially exploitable crashes. The most common type of add-ons that are affected by this issue are session history navigations. This vulnerability has been assigned the following CVE identifier: CVE-2018-1285. Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11. It is potentially exploitable, and users who encounter this issue should update as soon as possible.
How Does This Vulnerability Work?
The vulnerability exists in the way that certain types of add-ons interact with the WebExtensions API. The WebExtensions API is part of Google's implementation of the WebExtension standard, which was first introduced in Firefox 57 and Thunderbird 60. The following code snippet demonstrates an example situation where this issue could occur:
let ext = new WebExtension({
WebExtensionAPI: window.WebExtensionAPI,
});
ext.onInstalled.addListener(function() {
var sessionHistory = ext.sessionHistory;
for (var i = 0; i
What is the Firefox Add-on SDK?
The Firefox Add-on SDK is an open source add-on development framework that lets developers create and distribute add-ons without relying on Mozilla's infrastructure. It also provides a way for users to install extensions from outside the Mozilla Marketplace through the use of .xpi files.
Mozilla is aware of this issue and has provided mitigation in Firefox, Thunderbird, and SeaMonkey.
Potential Benefits of Updating
The update contains two main fixes: one is a fix for a use-after-free, and the other is a fix for a crash from a possible use-after-free.
Both of these fixes will prevent certain types of crashes, which is the only reason we recommend updating. For those who want to help with vulnerability research, Firefox would like to know about any crashes that you encounter during the update process so that they can be investigated further.
What happens if a user is vulnerable to this?
This vulnerability could lead to a use-after-free and potentially exploitable crash. If this vulnerability affects a system, it could cause an exploitable crash and possibly lead to remote code execution with no user interaction.
How Does This Affect Firefox Users?
This vulnerability affects Firefox users who have installed the latest version of the WebExtensions API. This vulnerability has been assigned the following CVE identifier: CVE-2018-1285.
Timeline
Published on: 12/22/2022 20:15:00 UTC
Last modified on: 01/04/2023 15:52:00 UTC