Information disclosure vulnerability of passwords in Mozilla Firefox, Firefox ESR and Thunderbird - CVE-2018-12383 (Mac OS X)| ID: oval:org.secpod.oval:def:47384 | Date: (C)2018-09-07 (M)2023-12-20 |
| Class: VULNERABILITY | Family: macos |
Mozilla Firefox 62, Mozilla Firefox ESR 60.2.1, Mozilla Thunderbird 60.2.1 : If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations.
| Platform: |
| Apple Mac OS 14 |
| Apple Mac OS 13 |
| Apple Mac OS 12 |
| Apple Mac OS 11 |
| Apple Mac OS X 10.15 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X 10.14 |
| Product: |
| Mozilla Firefox |
| Mozilla Firefox ESR |
| Mozilla Thunderbird |
