CVE-2018-5089

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-5089
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5089.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-5089
Related
Published
2018-06-11T21:29:12Z
Modified
2024-09-18T01:00:22Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

References

Affected packages

Debian:11 / firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
52.6.0esr-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
52.6.0esr-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
52.6.0esr-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:52.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:52.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:52.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}