admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-54xx/CVE-2017-5418.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

154 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-5418",
"sourceIdentifier": "security@mozilla.org",
"published": "2018-06-11T21:29:05.047",
"lastModified": "2018-08-07T17:50:03.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52."
},
{
"lang": "es",
"value": "Ocurre un error de lectura fuera de l\u00edmites al analizar algunas respuestas HTTP de autorizaci\u00f3n digest, lo que resulta en una fuga de informaci\u00f3n mediante la lectura de memoria aleatoria que contiene coincidencias a patrones establecidos espec\u00edficamente. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 52."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52.0",
"matchCriteriaId": "6239EC26-A3A1-4FD4-B96F-F47B09C0CA00"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52.0",
"matchCriteriaId": "566987B8-698A-4EB8-8380-FA44DB228B81"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/96692",
"source": "security@mozilla.org",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1037966",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1338876",
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2017-05/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2017-09/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink