Back to search
CVE-2018-5148
Published: Jun 11, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox ESR | affected unspecified - < 52.7.3 |
Mozilla | Firefox | affected unspecified - < 59.0.2 |
References
RHSA-2018:1098
vendor-advisory
x_refsource_REDHAT
https://bugzilla.mozilla.org/show_bug.cgi?id=1440717
x_refsource_CONFIRM
USN-3609-1
vendor-advisory
x_refsource_UBUNTU
DSA-4153
vendor-advisory
x_refsource_DEBIAN
https://www.mozilla.org/security/advisories/mfsa2018-10/
x_refsource_CONFIRM
1040574
vdb-entry
x_refsource_SECTRACK
[debian-lts-announce] 20180327 [SECURITY] [DLA 1321-1] firefox-esr security update
mailing-list
x_refsource_MLIST
103506
vdb-entry
x_refsource_BID
RHSA-2018:1099
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now