CVE-2018-5177

Name
CVE-2018-5177
Description
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Vendor Advisory https://www.mozilla.org/security/advisories/mfsa2018-11/
Issue Tracking https://bugzilla.mozilla.org/show_bug.cgi?id=1451908
Third Party Advisory https://usn.ubuntu.com/3645-1/
Third Party Advisory http://www.securitytracker.com/id/1040896
Third Party Advisory http://www.securityfocus.com/bid/104139

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* ubuntu_linux == None == 18.04
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:* ubuntu_linux == None == 17.10
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* ubuntu_linux == None == 16.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* ubuntu_linux == None == 14.04

Vulnerable and fixed packages

Source package Branch Version Maintainer Status