CVE-2017-5399: Buffer Overflow
First published: Tue Mar 07 2017(Updated: )
Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolter, David Keeler, Jon Coppeard, Tyson Smith, Ronald Crane, Tooru Fujisawa, Ben Kelly, Bob Owen, Jed Davis, Julian Seward, Julian Hector, Philipp, Markus Stange, and André Bargull reported memory safety bugs present in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <52 | 52 |
| <52 | 52 | |
| Mozilla Firefox | <52.0 | |
| Mozilla Thunderbird | <52.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-09/
- http://www.securityfocus.com/bid/96692
- http://www.securitytracker.com/id/1037966
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- https://www.mozilla.org/security/advisories/mfsa2017-09/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2017-5400
- CVE-2017-5401
- CVE-2017-5402
- CVE-2017-5403
- CVE-2017-5404
- CVE-2017-5406
- CVE-2017-5407
- CVE-2017-5410
- CVE-2017-5411
- CVE-2017-5408
- CVE-2017-5412
- CVE-2017-5413
- CVE-2017-5414
- CVE-2017-5416
- CVE-2017-5425
- CVE-2017-5426
- CVE-2017-5418
- CVE-2017-5419
- CVE-2017-5405
- CVE-2017-5421
- CVE-2017-5422
- CVE-2017-5399
- CVE-2017-5398
- CVE-2017-5409
- CVE-2017-5415
- CVE-2017-5417
- CVE-2017-5427
- CVE-2017-5420
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/softwarecombine
- agent/description
- collector/mozilla-advisory
- source/Mozilla
- agent/software-canonical-lookup
- agent/event
- agent/software-canonical-lookup-request
- agent/tags
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla thunderbird
- canonical/mozilla firefox