Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-5388

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.

РелизСтатусПримечание
devel

not-affected

51.0.1+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [51.0.1+build2-0ubuntu0.14.04.1]]
precise

released

51.0.1+build2-0ubuntu0.12.04.1
trusty

released

51.0.1+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [51.0.1+build2-0ubuntu0.14.04.1]
upstream

released

51
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

released

51.0.1+build2-0ubuntu0.16.04.1
yakkety

released

51.0.1+build2-0ubuntu0.16.10.1

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

not-affected

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

yakkety

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.0128
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-5388

CVSS3: 7.5
nvd
больше 7 лет назад

A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.

debian логотип

CVE-2017-5388

CVSS3: 7.5
debian
больше 7 лет назад

A STUN server in conjunction with a large number of "webkitRTCPeerConn ...

github логотип

GHSA-hvw3-mf8r-hgvr

CVSS3: 7.5
github
больше 3 лет назад

A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.

suse-cvrf логотип

openSUSE-SU-2017:0358-1

suse-cvrf
около 9 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 79%
0.0128
Низкий

5 Medium

CVSS2

7.5 High

CVSS3