CVE-2018-5183

 

Published at: - 11-06-2018 11:29

Last modified: - 24-09-2022 03:03

Total changes: - 2

Description

Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://www.mozilla.org/security/advisories/mfsa2018-13/
• https://www.mozilla.org/security/advisories/mfsa2018-12/
• https://bugzilla.mozilla.org/show_bug.cgi?id=1454692
• DSA-4209-Third Party Advisory
• DSA-4199-Third Party Advisory
• USN-3660-1-Third Party Advisory
• [debian-lts-announce] 20180525 [SECURITY] [DLA 1382-1] thunderbird security update-Mailing List, Third Party Advisory
• [debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update-Mailing List, Third Party Advisory
• RHSA-2018:1726-Third Party Advisory
• RHSA-2018:1725-Third Party Advisory
• RHSA-2018:1415-Third Party Advisory
• RHSA-2018:1414-Third Party Advisory
• 1040898-Third Party Advisory, VDB Entry
• 104138-Third Party Advisory, VDB Entry
• GLSA-201810-01-Third Party Advisory
• GLSA-201811-13-Third Party Advisory

 

Keywords

NVD

 

CVE-2018-5183

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures