CVE-2017-5392

critical

Description

Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

References

https://www.mozilla.org/security/advisories/mfsa2017-01/

https://bugzilla.mozilla.org/show_bug.cgi?id=1293709

http://www.securitytracker.com/id/1037693

http://www.securityfocus.com/bid/95763

Details

Source: Mitre, NVD

Published: 2018-06-11

Updated: 2018-08-07

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical