AVG-659 log

Package firefox
Status Not affected
Severity Critical
Type arbitrary code execution
Affected 59.0-2
Fixed 59.0.1-1
Current 133.0.3-2 [extra]
Ticket None
Created Mon Mar 19 11:18:58 2018
Issue Severity Remote Type Description
CVE-2018-5147 Critical Yes Arbitrary code execution
An out of bounds memory write vulnerability has been discovered in libtremor while processing Vorbis audio data related to codebooks that are not an exact...
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/#CVE-2018-5146
https://bugzilla.mozilla.org/show_bug.cgi?id=1446062
Notes
The libtremor library has the same flaw as CVE-2018-5146. This library is only used by Firefox in place of libvorbis on Android and ARM platforms.