The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.

OSVersionArchitecturePackageVersionFilename
Debian999allfirefox< 59.0.1-1firefox_59.0.1-1_all.deb
Debian12allfirefox-esr< 52.7.2esr-1firefox-esr_52.7.2esr-1_all.deb
Debian11allfirefox-esr< 52.7.2esr-1firefox-esr_52.7.2esr-1_all.deb
Debian10allfirefox-esr< 52.7.2esr-1firefox-esr_52.7.2esr-1_all.deb
Debian999allfirefox-esr< 52.7.2esr-1firefox-esr_52.7.2esr-1_all.deb
Debian13allfirefox-esr< 52.7.2esr-1firefox-esr_52.7.2esr-1_all.deb
Debian12alllibvorbisidec< 1.2.1+git20180316-1libvorbisidec_1.2.1+git20180316-1_all.deb
Debian11alllibvorbisidec< 1.2.1+git20180316-1libvorbisidec_1.2.1+git20180316-1_all.deb
Debian10alllibvorbisidec< 1.2.1+git20180316-1libvorbisidec_1.2.1+git20180316-1_all.deb
Debian999alllibvorbisidec< 1.2.1+git20180316-1libvorbisidec_1.2.1+git20180316-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	999	all	firefox	< 59.0.1-1	firefox_59.0.1-1_all.deb
Debian	12	all	firefox-esr	< 52.7.2esr-1	firefox-esr_52.7.2esr-1_all.deb
Debian	11	all	firefox-esr	< 52.7.2esr-1	firefox-esr_52.7.2esr-1_all.deb
Debian	10	all	firefox-esr	< 52.7.2esr-1	firefox-esr_52.7.2esr-1_all.deb
Debian	999	all	firefox-esr	< 52.7.2esr-1	firefox-esr_52.7.2esr-1_all.deb
Debian	13	all	firefox-esr	< 52.7.2esr-1	firefox-esr_52.7.2esr-1_all.deb
Debian	12	all	libvorbisidec	< 1.2.1+git20180316-1	libvorbisidec_1.2.1+git20180316-1_all.deb
Debian	11	all	libvorbisidec	< 1.2.1+git20180316-1	libvorbisidec_1.2.1+git20180316-1_all.deb
Debian	10	all	libvorbisidec	< 1.2.1+git20180316-1	libvorbisidec_1.2.1+git20180316-1_all.deb
Debian	999	all	libvorbisidec	< 1.2.1+git20180316-1	libvorbisidec_1.2.1+git20180316-1_all.deb

Rows per page:

1-10 of 111

debian 10

prion 3

suse 1

nessus 69

osv 9

openvas 40

ubuntucve 2

kaspersky 3

cve 3

freebsd 1

cvelist 3

mozilla 2

fedora 5

centos 5

alpinelinux 1

mageia 3

redhat 5

ubuntu 3

checkpoint_advisories 1

redhatcve 1

zdi 1

debiancve 1

ibm 3

veracode 2

oraclelinux 5

android 1

cloudfoundry 1

amazon 2

archlinux 4

slackware 1

altlinux 1

threatpost 1

gentoo 1

debian

[SECURITY] [DSA 4143-1] firefox-esr security update

2018-03-17 18:23:06

[SECURITY] [DLA 1319-1] firefox-esr security update

2018-03-26 23:06:06

[SECURITY] [DSA 4141-1] libvorbisidec security update

2018-03-16 21:18:19

prion

Code injection

2018-06-11 21:29:00

Design/Logic Flaw

2018-06-11 21:29:00

Design/Logic Flaw

2020-12-26 04:15:00

suse

Security update for MozillaFirefox (important)

2018-03-18 15:11:21

nessus

FreeBSD : mozilla -- multiple vulnerabilities (7943794f-707f-4e31-9fea-3bbf1ddcedc1)

2018-03-19 00:00:00

Debian DLA-1319-1 : firefox-esr security update

2018-03-27 00:00:00

openSUSE Security Update : MozillaFirefox (openSUSE-2018-278)

2018-03-19 00:00:00

osv

firefox-esr - security update

2018-03-27 00:00:00

firefox-esr - security update

2018-03-17 00:00:00

libvorbisidec - security update

2018-03-16 00:00:00

openvas

Debian: Security Advisory (DSA-4143-1)

2018-03-16 00:00:00

Mozilla Firefox Security Advisory (MFSA2018-08) - Linux

2021-11-08 00:00:00

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2018:0737-1)

2018-03-19 00:00:00

ubuntucve

CVE-2018-5147

2018-06-11 00:00:00

CVE-2018-5146

2018-03-16 00:00:00

kaspersky

KLA11594 SB vulnerabilities in Mozilla Firefox

2018-03-16 00:00:00

KLA11595 SB vulnerabilities in Mozilla Firefox ESR

2018-03-16 00:00:00

KLA11229 Multiple vulnerabilities in Mozilla Thunderbird

2018-03-23 00:00:00

cve

CVE-2018-5147

2018-06-11 21:29:00

CVE-2018-5146

2018-06-11 21:29:00

CVE-2020-20412

2020-12-26 04:15:00

freebsd

mozilla -- multiple vulnerabilities

2018-03-16 00:00:00

cvelist

CVE-2018-5147

2018-06-11 21:00:00

CVE-2018-5146

2018-06-11 21:00:00

CVE-2020-20412

2020-12-26 00:00:00

mozilla

Out of bounds memory write while processing Vorbis audio data — Mozilla

2018-03-16 00:00:00

Security vulnerabilities fixed in Thunderbird 52.7 — Mozilla

2018-03-23 00:00:00

fedora

[SECURITY] Fedora 26 Update: libvorbis-1.3.6-1.fc26

2018-03-27 19:31:39

[SECURITY] Fedora 28 Update: libvorbis-1.3.6-1.fc28

2018-03-30 13:35:33

[SECURITY] Fedora 27 Update: libvorbis-1.3.6-1.fc27

2018-03-20 18:26:53

centos

firefox security update

2018-03-20 16:39:22

libvorbis security update

2018-04-09 23:35:22

libvorbis security update

2018-05-30 18:24:08

alpinelinux

CVE-2018-5146

2018-06-11 21:29:00

mageia

Updated libvorbis packages fix security vulnerability

2018-03-19 15:13:14

Updated thunderbird packages fix security vulnerability

2018-04-15 16:33:47

Updated thunderbird packages fix bugs and security vulnerabilities

2018-04-20 20:24:13

redhat

(RHSA-2018:0649) Important: libvorbis security update

2018-04-05 19:03:13

(RHSA-2018:0549) Critical: firefox security update

2018-03-19 03:31:41

(RHSA-2018:1058) Important: libvorbis security update

2018-04-10 08:05:03

ubuntu

Firefox vulnerability

2018-03-16 00:00:00

libvorbis vulnerability

2018-03-22 00:00:00

Thunderbird vulnerabilities

2018-03-29 00:00:00

checkpoint_advisories

Mozilla Firefox Vorbis Audio Residue Codebook Out of Bounds Write (CVE-2018-5146)

2018-05-14 00:00:00

redhatcve

CVE-2018-5146

2018-03-16 17:48:59

zdi

(Pwn2Own) Mozilla Firefox libvorbis OGG Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability

2018-03-23 00:00:00

debiancve

CVE-2018-5146

2018-06-11 21:29:00

ibm

Security Bulletin: A vulnerability in libvorbis affects PowerKVM

2018-07-07 00:01:25

Security Bulletin: Open Source Libvorbis, Patch and Python-paramiko vulnerabilities affect IBM Netezza Host Management

2019-10-18 03:36:34

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private

2018-07-20 18:56:04

veracode

Denial Of Service (DoS) Through Out-of-Bounds Write

2019-01-15 09:22:28

Denial Of Service (DoS) Through Out-of-Bounds Write

2018-04-25 09:40:14

oraclelinux

firefox security update

2018-03-19 00:00:00

libvorbis security update

2018-04-17 00:00:00

libvorbis security update

2018-04-05 00:00:00

android

CVE-2018-5146

2018-06-01 00:00:00

cloudfoundry

USN-3604-1: libvorbis vulnerability | Cloud Foundry

2018-05-02 00:00:00

amazon

Critical: libvorbis

2018-03-22 22:02:00

Critical: libvorbis

2018-04-05 15:57:00

archlinux

[ASA-201803-13] firefox: arbitrary code execution

2018-03-18 00:00:00

[ASA-201803-21] lib32-libvorbis: multiple issues

2018-03-19 00:00:00

[ASA-201803-12] libvorbis: multiple issues

2018-03-16 00:00:00

slackware

[slackware-security] libvorbis

2018-03-18 04:31:27

altlinux

Security fix for the ALT Linux 10 package thunderbird version 52.7.0-alt1

2018-03-24 00:00:00

threatpost

Google Patches 11 Critical Android Bugs in June Update

2018-06-05 17:30:40

gentoo

Mozilla Thunderbird: Multiple vulnerabilities

2018-11-24 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.006 Low

EPSS

Percentile

79.0%

JSON

Related for DEBIANCVE:CVE-2018-5147