CVE-2018-5183
Published: 10 May 2018
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
Priority
Status
Package | Release | Status |
---|---|---|
thunderbird Launchpad, Ubuntu, Debian |
upstream |
Released
(52.8.0)
|
xenial |
Released
(1:52.8.0+build1-0ubuntu0.16.04.1)
|
|
artful |
Released
(1:52.8.0+build1-0ubuntu0.17.10.1)
|
|
bionic |
Released
(1:52.8.0+build1-0ubuntu0.18.04.1)
|
|
trusty |
Released
(1:52.8.0+build1-0ubuntu0.14.04.1)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |