Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 04:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/103388 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1040514 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2018:0526 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:0527 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:0647 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:0648 - Third Party Advisory | |
References | () https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520 - Issue Tracking | |
References | () https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html - Mailing List, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201810-01 - Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201811-13 - Third Party Advisory | |
References | () https://usn.ubuntu.com/3545-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3596-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3688-1/ - Third Party Advisory | |
References | () https://www.debian.org/security/2018/dsa-4139 - Third Party Advisory | |
References | () https://www.debian.org/security/2018/dsa-4155 - Third Party Advisory | |
References | () https://www.mozilla.org/security/advisories/mfsa2018-06/ - Vendor Advisory | |
References | () https://www.mozilla.org/security/advisories/mfsa2018-07/ - Vendor Advisory | |
References | () https://www.mozilla.org/security/advisories/mfsa2018-09/ - Vendor Advisory |
Information
Published : 2018-06-11 21:29
Updated : 2024-11-21 04:08
NVD link : CVE-2018-5125
Mitre link : CVE-2018-5125
CVE.ORG link : CVE-2018-5125
JSON object : View
Products Affected
redhat
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_desktop
mozilla
- thunderbird
- firefox
- firefox_esr
debian
- debian_linux
canonical
- ubuntu_linux
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer