Buffer overflow

2019-02-2818:29:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.9%

JSON

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq18.04
ubuntu_linuxeq18.10
debian_linuxeq8.0
debian_linuxeq9.0
firefoxlt64.0
firefox_esrlt60.4.0
thunderbirdlt60.4.0
enterprise_linux_desktopeq7.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	18.04
ubuntu_linux	eq	18.10
debian_linux	eq	8.0
debian_linux	eq	9.0
firefox	lt	64.0
firefox_esr	lt	60.4.0
thunderbird	lt	60.4.0
enterprise_linux_desktop	eq	7.0