CVE-2018-5121: Input Validation

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1402368
• https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/
• https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5107
• http://www.securityfocus.com/bid/102786
• http://www.securitytracker.com/id/1040270
• https://www.mozilla.org/security/advisories/mfsa2018-02/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2018-02

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2018-5091
• CVE-2018-5092
• CVE-2018-5093
• CVE-2018-5094
• CVE-2018-5095
• CVE-2018-5097
• CVE-2018-5098
• CVE-2018-5099
• CVE-2018-5100
• CVE-2018-5101
• CVE-2018-5102
• CVE-2018-5103
• CVE-2018-5104
• CVE-2018-5105
• CVE-2018-5106
• CVE-2018-5107
• CVE-2018-5108
• CVE-2018-5109
• CVE-2018-5110
• CVE-2018-5111
• CVE-2018-5112
• CVE-2018-5113
• CVE-2018-5114
• CVE-2018-5115
• CVE-2018-5116
• CVE-2018-5117
• CVE-2018-5118
• CVE-2018-5119
• CVE-2018-5121
• CVE-2018-5122
• CVE-2018-5090
• CVE-2018-5089

Frequently Asked Questions

• What is CVE-2018-5121?

  CVE-2018-5121 is a vulnerability that affects certain fonts in Mozilla Firefox on OS X, allowing for domain name spoofing attacks.

• How does CVE-2018-5121 affect OS X?

  CVE-2018-5121 affects OS X by causing low descenders on some Tibetan characters in certain fonts to be clipped when rendered in the address bar.

• Does CVE-2018-5121 affect other operating systems?

  No, CVE-2018-5121 only affects OS X operating systems.

• What is the severity of CVE-2018-5121?

  CVE-2018-5121 has a severity score of 5.3 (medium).

• How can CVE-2018-5121 be fixed?

  To fix CVE-2018-5121, update Mozilla Firefox to version 58 or later.