CVE-2018-5145

Sažetak

Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.

Reference

http://www.securityfocus.com/bid/103384
http://www.securitytracker.com/id/1040514
https://access.redhat.com/errata/RHSA-2018:0526
https://access.redhat.com/errata/RHSA-2018:0527
https://access.redhat.com/errata/RHSA-2018:0647
https://access.redhat.com/errata/RHSA-2018:0648
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1261175%2C1348955
https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html
https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html
https://security.gentoo.org/glsa/201811-13
https://usn.ubuntu.com/3545-1/
https://www.debian.org/security/2018/dsa-4139
https://www.debian.org/security/2018/dsa-4155
https://www.mozilla.org/security/advisories/mfsa2018-07/
https://www.mozilla.org/security/advisories/mfsa2018-09/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-03-2019 - 13:44

Objavljeno

11-06-2018 - 21:29