Vulnerability CVE-2018-5104: Information
Description
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2018-04/ |
|
https://www.mozilla.org/security/advisories/mfsa2018-03/ |
|
https://www.mozilla.org/security/advisories/mfsa2018-02/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1425000 |
|
DSA-4102 |
|
DSA-4096 |
|
USN-3544-1 |
|
[debian-lts-announce] 20180129 [SECURITY] [DLA 1262-1] thunderbird security update |
|
[debian-lts-announce] 20180124 [SECURITY] [DLA 1256-1] firefox-esr security update |
|
RHSA-2018:0262 |
|
RHSA-2018:0122 |
|
1040270 |
|
102783 |
|