Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/thunderbird@45.7.1-3

Type alpm

Namespace archlinux

Name thunderbird

Version 45.7.1-3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 45.8.0-1

Latest_non_vulnerable_version 91.10-1

Affected_by_vulnerabilities

url VCID-4gky-p4gv-u7cw

vulnerability_id VCID-4gky-p4gv-u7cw

summary Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5408

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4gky-p4gv-u7cw

url VCID-4ncv-bsfh-kufk

vulnerability_id VCID-4ncv-bsfh-kufk

summary Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5410

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ncv-bsfh-kufk

url VCID-53n9-hyzh-yyaz

vulnerability_id VCID-53n9-hyzh-yyaz

summary Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, André Bargull, Kan-Ru Chen, and Nathan Froyd reported memory safety bugs present in Firefox 51 and Firefox ESR 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5398

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53n9-hyzh-yyaz

url VCID-d5gv-m4u7-3bfc

vulnerability_id VCID-d5gv-m4u7-3bfc

summary JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5400

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5gv-m4u7-3bfc

url VCID-jc41-75ha-97c9

vulnerability_id VCID-jc41-75ha-97c9

summary A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5401

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc41-75ha-97c9

url VCID-m2ee-rr9r-u3ge

vulnerability_id VCID-m2ee-rr9r-u3ge

summary Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5405

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2ee-rr9r-u3ge

url VCID-nv26-s56m-vkdh

vulnerability_id VCID-nv26-s56m-vkdh

summary Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5407

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nv26-s56m-vkdh

url VCID-wx4s-73zs-cfap

vulnerability_id VCID-wx4s-73zs-cfap

summary A use-after-free can occur when events are fired for a FontFace object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5402

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wx4s-73zs-cfap

url VCID-xtbe-gv4p-23fn

vulnerability_id VCID-xtbe-gv4p-23fn

summary A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

fixed_packages

url	pkg:alpm/archlinux/thunderbird@45.8.0-1
purl	pkg:alpm/archlinux/thunderbird@45.8.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.8.0-1

aliases CVE-2017-5404

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xtbe-gv4p-23fn

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@45.7.1-3

Package Instance