PT-2018-16786 · Mozilla+3 · Firefox+3

Huzaifa Sidhpurwala

Published

2018-03-16

Updated

2024-12-12

CVE-2018-5147

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox ESR versions prior to 52.7.2 Firefox versions prior to 59.0.1

Description The issue is related to the libtremor library, which has a flaw similar to a previously known issue. This library is utilized by Firefox on Android and ARM platforms as a replacement for libvorbis.

Recommendations For Firefox ESR versions prior to 52.7.2, update to version 52.7.2 or later. For Firefox versions prior to 59.0.1, update to version 59.0.1 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2018-1502

ALT-PU-2018-1854

CVE-2018-5147

DLA-1312-1

DLA-1319-1

DSA-4141-1

DSA-4143-1

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

SUSE-SU-2018:0850-1

SUSE-SU-2018:0907-1

Affected Products

Alt Linux

Firefox

Suse

Libtremor

PT-2018-16786 · Mozilla+3 · Firefox+3

CVE-2018-5147

Weakness Enumeration

Related Identifiers

Affected Products

References · 1891