vulnerability

Red Hat: CVE-2018-5095: Critical: firefox security update (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Feb 1, 2018	May 1, 2018	Mar 3, 2021

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Feb 1, 2018

Added

May 1, 2018

Modified

Mar 3, 2021

Description

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

Solutions

redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginfo

References

BID-102783
DEBIAN-DSA-4096
DEBIAN-DSA-4102
NVD-CVE-2018-5095
REDHAT-RHSA-2018:0122
REDHAT-RHSA-2018:0262
SECTRACK-1040270
UBUNTU-USN-3529-1
UBUNTU-USN-3544-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today