CVE-2018-5144
published 2018-06-11CVE-2018-5144: An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox…
high7.3CVSS 3.0
AVNACLPRNUINSUCLILAL
An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | firefox-esr | < firefox-esr 52.7.0esr-1 (bookworm) | firefox-esr 52.7.0esr-1 (bookworm) |
| debian | thunderbird | < firefox-esr 52.7.0esr-1 (bookworm) | firefox-esr 52.7.0esr-1 (bookworm) |
| mozilla | firefox | < 52.7.0 | 52.7.0 |
| mozilla | firefox_esr | >= unspecified < 52.7 | 52.7 |
| mozilla | thunderbird | < 52.7.0 | 52.7.0 |
| mozilla | thunderbird | >= 0 < 1:52.7.0-1 | 1:52.7.0-1 |
| mozilla | thunderbird | >= 0 < 1:52.7.0-1 | 1:52.7.0-1 |
| mozilla | thunderbird | >= 0 < 1:52.7.0-1 | 1:52.7.0-1 |
| mozilla | thunderbird | >= 0 < 1:52.7.0-1 | 1:52.7.0-1 |
| mozilla | thunderbird | >= 0 < 1:52.7.0+build1-0ubuntu0.14.04.1 | 1:52.7.0+build1-0ubuntu0.14.04.1 |
| mozilla | thunderbird | >= 0 < 1:52.7.0+build1-0ubuntu0.16.04.1 | 1:52.7.0+build1-0ubuntu0.16.04.1 |
| mozilla | thunderbird | >= unspecified < 52.7 | 52.7 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
CVSS provenance
nvdv3.07.3HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
osv8.8HIGH