CVE-2017-5418

Published: 07 March 2017

An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Priority

Low

CVSS 3 base score: 5.3

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (52.0)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (52.0+build2-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [52.0+build2-0ubuntu0.14.04.1])
Ubuntu 12.04 ESM (Precise Pangolin)
Released (52.0+build2-0ubuntu0.12.04.1)