CVE-2017-7752 (retired)

Priority
Description
A use-after-free vulnerability during specific user interactions with the
input method editor (IME) in some languages due to how events are handled.
This results in a potentially exploitable crash but would require specific
user interaction to trigger. This vulnerability affects Firefox < 54,
Firefox ESR < 52.2, and Thunderbird < 52.2.
Assigned-to
chrisccoulson
Package
Upstream:released (54.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (54.0+build3-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (54.0+build3-0ubuntu0.16.04.1)
Package
Priority: Low
Upstream:released (52.2.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1:52.2.1+build1-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:52.2.1+build1-0ubuntu0.16.04.1)
More Information

Updated: 2019-03-26 12:26:25 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)