CVE-2017-5418

An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Published: Jun 11, 2018
Updated: Apr 13, 2023
CVE: CVE-2017-5418
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	52.0
mozilla / thunderbird	-	52.0

http://www.securityfocus.com/bid/96692
http://www.securitytracker.com/id/1037966
https://bugzilla.mozilla.org/show_bug.cgi?id=1338876
https://www.mozilla.org/security/advisories/mfsa2017-05/
https://www.mozilla.org/security/advisories/mfsa2017-09/

Vulnerability Database

289,871

CVE-2017-5418