FKIE_CVE-2018-5156

Vulnerability from fkie_nvd - Published: 2018-10-18 13:29 - Updated: 2025-11-25 17:50
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
References
security@mozilla.orghttp://www.securityfocus.com/bid/104560Third Party Advisory, VDB Entry
security@mozilla.orghttp://www.securitytracker.com/id/1041193Third Party Advisory, VDB Entry
security@mozilla.orghttps://access.redhat.com/errata/RHSA-2018:2112Third Party Advisory
security@mozilla.orghttps://access.redhat.com/errata/RHSA-2018:2113Third Party Advisory
security@mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=1453127Issue Tracking, Permissions Required, Vendor Advisory
security@mozilla.orghttps://lists.debian.org/debian-lts-announce/2018/06/msg00014.htmlMailing List, Third Party Advisory
security@mozilla.orghttps://lists.debian.org/debian-lts-announce/2018/11/msg00011.htmlMailing List, Third Party Advisory
security@mozilla.orghttps://security.gentoo.org/glsa/201810-01Third Party Advisory
security@mozilla.orghttps://security.gentoo.org/glsa/201811-13Third Party Advisory
security@mozilla.orghttps://usn.ubuntu.com/3705-1/Third Party Advisory
security@mozilla.orghttps://www.debian.org/security/2018/dsa-4235Third Party Advisory
security@mozilla.orghttps://www.debian.org/security/2018/dsa-4295Third Party Advisory
security@mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2018-15/Vendor Advisory
security@mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2018-16/Vendor Advisory
security@mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2018-17/Vendor Advisory
security@mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2018-19/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/104560Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041193Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2112Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2113Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1453127Issue Tracking, Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2018/06/msg00014.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2018/11/msg00011.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201810-01Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201811-13Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3705-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2018/dsa-4235Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2018/dsa-4295Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2018-15/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2018-16/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2018-17/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2018-19/Vendor Advisory
Impacted products
Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 8.0
debian debian_linux 9.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 17.10
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla firefox *
mozilla firefox *
mozilla thunderbird *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C0F6C3-BDAA-407A-8FA4-7F2566549D46",
              "versionEndExcluding": "52.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F47E7EA-86AF-46A8-8E17-3360A8AE8492",
              "versionEndExcluding": "61.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A41AE9-F936-40FE-9A9E-61E628712ECE",
              "versionEndExcluding": "60.1.0",
              "versionStartIncluding": "52.9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FBD136C-202C-430B-876E-9D10972AA6C4",
              "versionEndExcluding": "60.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61."
    },
    {
      "lang": "es",
      "value": "Puede ocurrir una vulnerabilidad al capturar una transmisi\u00f3n de medios cuando el tipo de origen de medios se cambia al mismo tiempo que se realiza la captura. Esto puede resultar en que los datos de transmisi\u00f3n se env\u00edan al tipo err\u00f3neo, lo que provoca un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 60, Firefox ESR en versiones anteriores a la 60.1, Firefox en versiones anteriores a la 52.1 y Firefox en versiones anteriores a la 61."
    }
  ],
  "id": "CVE-2018-5156",
  "lastModified": "2025-11-25T17:50:16.803",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-18T13:29:06.557",
  "references": [
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104560"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041193"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2112"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2113"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1453127"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201810-01"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201811-13"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3705-1/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4235"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4295"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-17/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1453127"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201810-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201811-13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3705-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-17/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.