Published: 11/06/2018 Updated: 13/03/2019

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 7.0
debian debian linux 8.0
debian debian linux 9.0
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux server 7.0
redhat enterprise linux server aus 7.4
redhat enterprise linux server aus 7.6
redhat enterprise linux server eus 7.4
redhat enterprise linux server eus 7.5
redhat enterprise linux server eus 7.6
redhat enterprise linux server tus 7.4
redhat enterprise linux desktop 7.0
redhat enterprise linux workstation 7.0
redhat enterprise linux server tus 7.6
mozilla firefox esr
mozilla thunderbird
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 17.10

Several security issues were fixed in Thunderbird ...

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service or information disclosure For the oldstable distribution (jessie), these problems have been fixed in version 5271esr-1~deb8u1 For the stable dist ...

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information disclosure For the oldstable distribution (jessie), these problems have been fixed in version 1:5270-1~deb8u1 For the stable distribution (stretch), these problems have been fixed in version 1:5270-1~deb ...

Memory safety bugs were reported in Firefox ESR 526 These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code This vulnerability affects Firefox ESR < 527 and Thunderbird < 527 ...

Various memory safety bugs have been found in Thunderbird < 5270, some of them presenting evidence of memory corruption Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code ...

Mozilla Foundation Security Advisory 2018-07 Security vulnerabilities fixed in Firefox ESR 527 Announced March 13, 2018 Impact critical Products Firefox ESR Fixed in Firefox ESR 527 ...

Mozilla Foundation Security Advisory 2018-09 Security vulnerabilities fixed in Thunderbird 527 Announced March 23, 2018 Impact critical Products Thunderbird Fixed in Thunderbird 527 ...

CWE-119 https://www.mozilla.org/security/advisories/mfsa2018-09/https://www.mozilla.org/security/advisories/mfsa2018-07/https://bugzilla.mozilla.org/buglist.cgi?bug_id=1261175%2C1348955 https://www.debian.org/security/2018/dsa-4155 https://www.debian.org/security/2018/dsa-4139 https://usn.ubuntu.com/3545-1/https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html https://access.redhat.com/errata/RHSA-2018:0648 https://access.redhat.com/errata/RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0527 https://access.redhat.com/errata/RHSA-2018:0526 http://www.securitytracker.com/id/1040514 http://www.securityfocus.com/bid/103384 https://security.gentoo.org/glsa/201811-13 https://nvd.nist.gov https://usn.ubuntu.com/3545-1/

Get Started

CVE-2018-5145

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect