cbcvebase.
CVE-2017-5418
published 2018-06-11

CVE-2017-5418: An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory…

PriorityP423medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
EPSS
1.28%
66.5th percentile
An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Affected

9 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 52.0-1 (sid)firefox 52.0-1 (sid)
mozillafirefox< 52.052.0
mozillafirefox>= 0 < 52.0+build2-0ubuntu0.14.04.152.0+build2-0ubuntu0.14.04.1
mozillafirefox>= 0 < 52.0.2+build1-0ubuntu0.14.04.152.0.2+build1-0ubuntu0.14.04.1
mozillafirefox>= 0 < 52.0+build2-0ubuntu0.16.04.152.0+build2-0ubuntu0.16.04.1
mozillafirefox>= 0 < 52.0.2+build1-0ubuntu0.16.04.152.0.2+build1-0ubuntu0.16.04.1
mozillafirefox>= unspecified < 5252
mozillathunderbird< 52.052.0
mozillathunderbird>= unspecified < 5252

CVSS provenance

nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
vendor_debian5.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.