Memory corruption

2018-10-1813:29:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

JSON

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq17.10
ubuntu_linuxeq18.04
debian_linuxeq8.0
debian_linuxeq9.0
firefoxlt61.0
firefox_esrlt52.9
firefox_esrge53.0
firefox_esrlt60.1.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	17.10
ubuntu_linux	eq	18.04
debian_linux	eq	8.0
debian_linux	eq	9.0
firefox	lt	61.0
firefox_esr	lt	52.9
firefox_esr	ge	53.0
firefox_esr	lt	60.1.0

Rows per page:

1-10 of 211

References

www.securityfocus.com/bid/104555

access.redhat.com/errata/RHSA-2018:2112

access.redhat.com/errata/RHSA-2018:2113

access.redhat.com/errata/RHSA-2018:2251

access.redhat.com/errata/RHSA-2018:2252

bugzilla.mozilla.org/buglist.cgi?bug_id=1456189%2C1456975%2C1465898%2C1392739%2C1451297%2C1464063%2C1437842%2C1442722%2C1452576%2C1450688%2C1458264%2C1458270%2C1465108%2C1464829%2C1464079%2C1463494%2C1458048

lists.debian.org/debian-lts-announce/2018/06/msg00014.html

lists.debian.org/debian-lts-announce/2018/07/msg00013.html

security.gentoo.org/glsa/201810-01

security.gentoo.org/glsa/201811-13

usn.ubuntu.com/3705-1/

usn.ubuntu.com/3714-1/

usn.ubuntu.com/3749-1/

www.debian.org/security/2018/dsa-4244

www.mozilla.org/security/advisories/mfsa2018-15/

www.mozilla.org/security/advisories/mfsa2018-16/

www.mozilla.org/security/advisories/mfsa2018-17/

www.mozilla.org/security/advisories/mfsa2018-18/