CVE-2018-5150

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
Several memory safety bugs have been found in Firefox before 60.0 and Thunderbird before 52.8. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-707 thunderbird 52.7.0-2 52.8.0-1 Critical Fixed
AVG-693 firefox 59.0.2-3 60.0-1 Critical Fixed
Date Advisory Group Package Severity Description
21 May 2018 ASA-201805-21 AVG-707 thunderbird Critical multiple issues
13 May 2018 ASA-201805-10 AVG-693 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5150
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129