CVE-2017-5392

Опубликовано: 11 июн. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

Релиз	Статус	Примечание
devel	not-affected	only affects Firefox for Android
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [only affects Firefox for Android]]
precise	not-affected	only affects Firefox for Android
trusty	not-affected	only affects Firefox for Android
trusty/esm	DNE	trusty was not-affected [only affects Firefox for Android]
upstream	released	51
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	only affects Firefox for Android
yakkety	not-affected	only affects Firefox for Android

Показывать по

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
precise	not-affected
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	not-affected
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected
yakkety	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%

0.01847

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-5392

CVSS3: 9.8

nvd

больше 7 лет назад

CVE-2017-5392

CVSS3: 9.8

debian

больше 7 лет назад

Weak proxy objects have weak references on multiple threads when they ...

GHSA-cxh5-m5cc-6w2r

CVSS3: 9.8

github

больше 3 лет назад

openSUSE-SU-2017:0358-1

suse-cvrf

около 9 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 83%

0.01847

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2017-5392

Описание

Пакет firefox

Пакет thunderbird

Ссылки на источники

Связанные уязвимости