CVE-2017-5378
N/A
N/A
Summary
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Thunderbird | unspecified < 45.7 | affected |
| Mozilla | Firefox ESR | unspecified < 45.7 | affected |
| Mozilla | Firefox | unspecified < 51 | affected |
Weaknesses
- Pointer and frame data leakage of Javascript objects
ADP Enrichment
CVE Program Container
Additional References
- https://www.mozilla.org/security/advisories/mfsa2017-03/
- https://www.mozilla.org/security/advisories/mfsa2017-02/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1312001
- https://security.gentoo.org/glsa/201702-22
- https://bugzilla.mozilla.org/show_bug.cgi?id=1330769
- https://www.debian.org/security/2017/dsa-3832
- https://security.gentoo.org/glsa/201702-13
- https://www.debian.org/security/2017/dsa-3771
- http://www.securitytracker.com/id/1037693
- https://www.mozilla.org/security/advisories/mfsa2017-01/
- http://rhn.redhat.com/errata/RHSA-2017-0190.html
- http://rhn.redhat.com/errata/RHSA-2017-0238.html
- http://www.securityfocus.com/bid/95769
References
- https://www.mozilla.org/security/advisories/mfsa2017-03/
- https://www.mozilla.org/security/advisories/mfsa2017-02/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1312001
- https://security.gentoo.org/glsa/201702-22
- https://bugzilla.mozilla.org/show_bug.cgi?id=1330769
- https://www.debian.org/security/2017/dsa-3832
- https://security.gentoo.org/glsa/201702-13
- https://www.debian.org/security/2017/dsa-3771
- http://www.securitytracker.com/id/1037693
- https://www.mozilla.org/security/advisories/mfsa2017-01/
- http://rhn.redhat.com/errata/RHSA-2017-0190.html
- http://rhn.redhat.com/errata/RHSA-2017-0238.html
- http://www.securityfocus.com/bid/95769
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.