CVE-2017-5380

Опубликовано: 11 июн. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Релиз	Статус	Примечание
devel	not-affected	51.0.1+build2-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [51.0.1+build2-0ubuntu0.14.04.1]]
precise	released	51.0.1+build2-0ubuntu0.12.04.1
trusty	released	51.0.1+build2-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [51.0.1+build2-0ubuntu0.14.04.1]
upstream	released	51
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	51.0.1+build2-0ubuntu0.16.04.1
yakkety	released	51.0.1+build2-0ubuntu0.16.10.1

Показывать по

Релиз	Статус	Примечание
devel	released	1:45.7.0+build1-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1:45.7.0+build1-0ubuntu0.14.04.1]]
precise	released	1:45.7.0+build1-0ubuntu0.12.04.1
trusty	released	1:45.7.0+build1-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [1:45.7.0+build1-0ubuntu0.14.04.1]
upstream	needs-triage
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	1:45.7.0+build1-0ubuntu0.16.04.1
yakkety	released	1:45.7.0+build1-0ubuntu0.16.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%

0.02031

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-5380

CVSS3: 9.8

redhat

почти 9 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5380

CVSS3: 9.8

nvd

больше 7 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5380

CVSS3: 9.8

debian

больше 7 лет назад

A potential use-after-free found through fuzzing during DOM manipulati ...

GHSA-5xhv-w67w-545f

CVSS3: 9.8

github

больше 3 лет назад

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

ELSA-2017-0238

oracle-oval

почти 9 лет назад

ELSA-2017-0238: thunderbird security update (IMPORTANT)

EPSS

Процентиль: 83%

0.02031

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2017-5380

Описание

Пакет firefox

Пакет thunderbird

Ссылки на источники

Связанные уязвимости