{"containers": {"cna": {"affected": [{"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "52.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "45.9", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "52.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "53", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2017-04-19T00:00:00", "descriptions": [{"lang": "en", "value": "A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."}], "problemTypes": [{"descriptions": [{"description": "Use-after-free in txExecutionState destructor during XSLT processing", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-12T09:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"name": "RHSA-2017:1106", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1106"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"}, {"name": "97940", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97940"}, {"name": "DSA-3831", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2017/dsa-3831"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"}, {"name": "1038320", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038320"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832"}, {"name": "RHSA-2017:1104", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1104"}, {"name": "RHSA-2017:1201", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1201"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2017-5440", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "52.1"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "45.9"}, {"version_affected": "<", "version_value": "52.1"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "53"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use-after-free in txExecutionState destructor during XSLT processing"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:1106", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1106"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-12/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-11/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-10/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"}, {"name": "97940", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97940"}, {"name": "DSA-3831", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2017/dsa-3831"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-13/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"}, {"name": "1038320", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038320"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832"}, {"name": "RHSA-2017:1104", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1104"}, {"name": "RHSA-2017:1201", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1201"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:04:14.254Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:1106", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1106"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"}, {"name": "97940", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/97940"}, {"name": "DSA-3831", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2017/dsa-3831"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"}, {"name": "1038320", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038320"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832"}, {"name": "RHSA-2017:1104", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1104"}, {"name": "RHSA-2017:1201", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1201"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2017-5440", "datePublished": "2018-06-11T21:00:00", "dateReserved": "2017-01-13T00:00:00", "dateUpdated": "2024-08-05T15:04:14.254Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "83FECC93-8DC3-41D0-8E53-45E1F4D53321", "versionEndExcluding": "53.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:52.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C00F05B-5B10-401D-8C5E-517FAF7BCFE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "58F03A98-1317-4A15-BAB3-AC045AA9AAE9", "versionEndExcluding": "45.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "762A750E-2FFF-48F5-941A-99ED9FC2549B", "versionEndExcluding": "52.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."}, {"lang": "es", "value": "Vulnerabilidad de uso de memoria previamente liberada durante el procesamiento XSLT debido al error para propagar condiciones de error durante el proceso de b\u00fasqueda de coincidencias mientras se eval\u00faa el contexto, lo que conduce a que se empleen objetos cuando ya no existen. Esto resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 45.9, Firefox en versiones anteriores a la 52.1 y Firefox en versiones anteriores a la 53."}], "id": "CVE-2017-5440", "lastModified": "2024-11-21T03:27:37.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-11T21:29:05.983", "references": [{"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97940"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038320"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1104"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1106"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1201"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-3831"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97940"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038320"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1201"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336832"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-3831"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Nicolas Gr\u00e9goire as the original reporter.", "affected_release": [{"advisory": "RHSA-2017:1104", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:52.1.0-2.el6_9", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-04-20T00:00:00Z"}, {"advisory": "RHSA-2017:1201", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:52.1.0-1.el6_9", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-05-08T00:00:00Z"}, {"advisory": "RHSA-2017:1106", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:52.1.0-2.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-04-21T00:00:00Z"}, {"advisory": "RHSA-2017:1201", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:52.1.0-1.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-05-08T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)", "id": "1443322", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443322"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "details": ["A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."], "name": "CVE-2017-5440", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2017-04-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-5440\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-5440\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5440"], "threat_severity": "Important"}