CVE-2018-5156

Summary

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 60affected
MozillaFirefox ESRunspecified < 60.1affected
MozillaFirefox ESRunspecified < 52.9affected
MozillaFirefoxunspecified < 61affected

Weaknesses

  • Media recorder segmentation fault when track type is changed during capture

ADP Enrichment

CVE Program Container

Additional References

References