CVE-2018-5146

Summary

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 59.0.1affected
MozillaFirefox ESRunspecified < 52.7.2affected
MozillaThunderbirdunspecified < 52.7affected

Weaknesses

  • Out of bounds memory write in libvorbis

ADP Enrichment

CVE Program Container

Additional References

References