Vulnerability CVE-2018-5098: Information
Description
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2018-04/ |
|
https://www.mozilla.org/security/advisories/mfsa2018-03/ |
|
https://www.mozilla.org/security/advisories/mfsa2018-02/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1399400 |
|
DSA-4102 |
|
DSA-4096 |
|
USN-3544-1 |
|
[debian-lts-announce] 20180129 [SECURITY] [DLA 1262-1] thunderbird security update |
|
[debian-lts-announce] 20180124 [SECURITY] [DLA 1256-1] firefox-esr security update |
|
RHSA-2018:0262 |
|
RHSA-2018:0122 |
|
1040270 |
|
102783 |
|