Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object’s address can be discovered through hash codes, and also allows for data leakage of an object’s content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

References

rhn.redhat.com/errata/RHSA-2017-0190.html

rhn.redhat.com/errata/RHSA-2017-0238.html

www.securityfocus.com/bid/95769

www.securitytracker.com/id/1037693

bugzilla.mozilla.org/show_bug.cgi?id=1312001

bugzilla.mozilla.org/show_bug.cgi?id=1330769

security.gentoo.org/glsa/201702-13

security.gentoo.org/glsa/201702-22

www.debian.org/security/2017/dsa-3771

www.debian.org/security/2017/dsa-3832

www.mozilla.org/security/advisories/mfsa2017-01/

www.mozilla.org/security/advisories/mfsa2017-02/

www.mozilla.org/security/advisories/mfsa2017-03/

debiancve 1

redhatcve 1

ubuntucve 1

cve 1

cvelist 1

nvd 1

veracode 1

alpinelinux 1

googleprojectzero 1

nessus 33

kaspersky 2

gentoo 2

openvas 33

mageia 3

centos 2

oraclelinux 2

archlinux 2

mozilla 3

redhat 2

suse 3

osv 4

slackware 1

ibm 2

debian 4

ubuntu 3

freebsd 1

debiancve

CVE-2017-5378

2018-06-11 21:29:02

redhatcve

CVE-2017-5378

2017-01-25 06:47:48

ubuntucve

CVE-2017-5378

2017-01-25 00:00:00

cve

CVE-2017-5378

2018-06-11 21:29:02

cvelist

CVE-2017-5378

2018-06-11 21:00:00

nvd

CVE-2017-5378

2018-06-11 21:29:02

veracode

Information Disclosure

2019-05-02 06:09:37

alpinelinux

CVE-2017-5378

2018-06-11 21:29:02

googleprojectzero

How a simple Linux kernel memory corruption bug can lead to complete system compromise

2021-10-19 00:00:00

nessus

Virtuozzo 6 : thunderbird (VZLSA-2017-0238)

2017-07-13 00:00:00

Mozilla Thunderbird < 45.7 Multiple Vulnerabilities

2017-01-31 00:00:00

Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20170202)

2017-02-03 00:00:00

kaspersky

KLA10956 Multiple vulnerabilities in Mozilla Thunderbird

2017-01-26 00:00:00

KLA10953 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

2017-01-24 00:00:00

gentoo

Mozilla Thunderbird: Multiple vulnerabilities

2017-02-20 00:00:00

Mozilla Firefox: Multiple vulnerabilities

2017-02-20 00:00:00

openvas

Mozilla Thunderbird Security Advisories (MFSA2017-03, MFSA2017-03) - Mac OS X

2017-01-27 00:00:00

CentOS Update for thunderbird CESA-2017:0238 centos5

2017-02-03 00:00:00

CentOS Update for thunderbird CESA-2017:0238 centos7

2017-02-03 00:00:00

mageia

Updated thunderbird packages fix security vulnerabilities

2017-02-04 00:39:38

Updated firefox packages fix security vulnerability

2017-01-27 12:19:09

Updated iceape packages fix security vulnerabilities

2017-09-02 00:10:29

centos

thunderbird security update

2017-02-02 21:10:46

firefox security update

2017-01-26 20:24:55

oraclelinux

thunderbird security update

2017-02-02 00:00:00

firefox security update

2017-01-25 00:00:00

archlinux

[ASA-201701-40] thunderbird: multiple issues

2017-01-29 00:00:00

[ASA-201701-39] firefox: multiple issues

2017-01-29 00:00:00

mozilla

Security vulnerabilities fixed in Thunderbird 45.7 — Mozilla

2017-01-26 00:00:00

Security vulnerabilities fixed in Firefox ESR 45.7 — Mozilla

2017-01-24 00:00:00

Security vulnerabilities fixed in Firefox 51 — Mozilla

2017-01-24 00:00:00

redhat

(RHSA-2017:0238) Important: thunderbird security update

2017-02-02 00:00:00

(RHSA-2017:0190) Critical: firefox security update

2017-01-25 00:00:00

suse

Security update for MozillaFirefox (important)

2017-02-09 03:07:40

Security update for MozillaFirefox (important)

2017-02-08 18:10:27

Security update for MozillaFirefox (important)

2017-02-02 00:13:07

osv

firefox-esr - security update

2017-01-26 00:00:00

firefox-esr - security update

2017-01-25 00:00:00

icedove - security update

2017-04-20 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2017-01-27 04:35:28

ibm

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS

2018-06-18 00:33:09

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified

2018-06-18 00:33:13

debian

[SECURITY] [DSA 3771-1] firefox-esr security update

2017-01-25 21:46:48

[SECURITY] [DLA 800-1] firefox-esr security update

2017-01-26 17:17:44

[SECURITY] [DLA 896-1] icedove/thunderbird security update

2017-04-19 05:28:51

ubuntu

Thunderbird vulnerabilities

2017-01-28 00:00:00

Firefox regression

2017-02-06 00:00:00

Firefox vulnerabilities

2017-01-27 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2017-01-24 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.8

Confidence

High

EPSS

0.003

Percentile

70.2%

JSON

Related for PRION:CVE-2017-5378