CVE-2018-5159
CVE-2018-5159
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Productos afectados
Mozilla · FirefoxMozilla · Firefox ESRMozilla · ThunderbirdMozilla · Thunderbird ESRPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/44759/no verificadoexploitdbwww.exploit-db.com/exploits/44759no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://access.redhat.com/errata/RHSA-2018:1414https://access.redhat.com/errata/RHSA-2018:1415https://access.redhat.com/errata/RHSA-2018:1725https://access.redhat.com/errata/RHSA-2018:1726https://bugzilla.mozilla.org/show_bug.cgi?id=1441941https://lists.debian.org/debian-lts-announce/2018/05/msg00007.htmlhttps://lists.debian.org/debian-lts-announce/2018/05/msg00013.htmlhttps://security.gentoo.org/glsa/201810-01https://security.gentoo.org/glsa/201811-13https://usn.ubuntu.com/3645-1/https://usn.ubuntu.com/3660-1/https://www.debian.org/security/2018/dsa-4199