CVE-2017-5380

Опубликовано: 11 июн. 2018

Источник: debian

EPSS Низкий

Описание

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Пакеты

Пакет	Статус	Версия исправления	Тип
firefox	fixed	51.0-1	package
firefox-esr	fixed	45.7.0esr-1	package
icedove	fixed	1:45.7.1-1	package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5380
https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5380
https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5380

EPSS

Процентиль: 83%

0.02031

Низкий

Связанные уязвимости

CVE-2017-5380

CVSS3: 9.8

ubuntu

больше 7 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5380

CVSS3: 9.8

redhat

почти 9 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5380

CVSS3: 9.8

nvd

больше 7 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

GHSA-5xhv-w67w-545f

CVSS3: 9.8

github

больше 3 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

ELSA-2017-0238

oracle-oval

почти 9 лет назад

ELSA-2017-0238: thunderbird security update (IMPORTANT)

EPSS

Процентиль: 83%

0.02031

Низкий