CVE-2018-5146

🗓️ 11 Jun 2018 21:14:29Reported by mozillaType

CVE-2018-5146: Out of bounds memory write in Vorbis audio data processin

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 198
RedHat Linux	(RHSA-2018:0649) Important: libvorbis security update	5 Apr 201819:03	–	redhat
RedHat Linux	(RHSA-2018:0549) Critical: firefox security update	19 Mar 201803:31	–	redhat
RedHat Linux	(RHSA-2018:1058) Important: libvorbis security update	10 Apr 201808:05	–	redhat
RedHat Linux	(RHSA-2018:0647) Important: thunderbird security update	5 Apr 201819:02	–	redhat
RedHat Linux	(RHSA-2018:0648) Important: thunderbird security update	5 Apr 201819:02	–	redhat
Fedora	[SECURITY] Fedora 28 Update: libvorbis-1.3.6-1.fc28	30 Mar 201813:35	–	fedora
Fedora	[SECURITY] Fedora 26 Update: libvorbis-1.3.6-1.fc26	27 Mar 201819:31	–	fedora
Fedora	[SECURITY] Fedora 27 Update: libvorbis-1.3.6-1.fc27	20 Mar 201818:26	–	fedora
Fedora	[SECURITY] Fedora 28 Update: firefox-59.0.1-1.fc28	26 Mar 201822:32	–	fedora
Fedora	[SECURITY] Fedora 29 Update: mingw-libvorbis-1.3.6-2.fc29	22 Jan 201917:42	–	fedora

Nvd

Vulners

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_eusMatch7.4

redhat enterprise_linux_server_eusMatch7.5

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_tusMatch7.4

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch17.10

Node

mozilla firefoxRange<59.0.1

mozilla firefox_esrRange<52.7.2

mozilla thunderbirdRange<52.7.0

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "59.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Firefox ESR",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "52.7.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "52.7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2018/03/msg00029.html
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2018:0649
access	www.access.redhat.com/errata/RHSA-2018:0647
access	www.access.redhat.com/errata/RHSA-2018:0648
debian	www.debian.org/security/2018/dsa-4143
mozilla	www.mozilla.org/security/advisories/mfsa2018-09/
security	www.security.gentoo.org/glsa/201811-13
securityfocus	www.securityfocus.com/bid/103432
usn	www.usn.ubuntu.com/3545-1/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Jun 2018 21:29Current

7High risk

Vulners AI Score7

CVSS26.8

CVSS38.8

EPSS0.17666

CWE-787