Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
http://www.securityfocus.com/bid/102783
http://www.securitytracker.com/id/1040270
https://access.redhat.com/errata/RHSA-2018:0122
https://access.redhat.com/errata/RHSA-2018:0262
https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
https://usn.ubuntu.com/3544-1/
https://usn.ubuntu.com/3688-1/
https://www.debian.org/security/2018/dsa-4096
https://www.debian.org/security/2018/dsa-4102
https://www.mozilla.org/security/advisories/mfsa2018-02/
Source: MITRE
Published: 2018-06-11
Updated: 2018-08-03
Type: CWE-119
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL