AVG-659 log
Package | firefox |
Status | Not affected |
Severity | Critical |
Type | arbitrary code execution |
Affected | 59.0-2 |
Fixed | 59.0.1-1 |
Current | 133.0.3-2 [extra] |
Ticket | None |
Created | Mon Mar 19 11:18:58 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-5147 | Critical | Yes | Arbitrary code execution | An out of bounds memory write vulnerability has been discovered in libtremor while processing Vorbis audio data related to codebooks that are not an exact... |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/#CVE-2018-5146 https://bugzilla.mozilla.org/show_bug.cgi?id=1446062 |
Notes |
---|
The libtremor library has the same flaw as CVE-2018-5146. This library is only used by Firefox in place of libvorbis on Android and ARM platforms. |