| Title | Thunderbird および Firefox における情報漏えいに関する脆弱性 |
|---|---|
| Summary | Thunderbird および Firefox には、情報漏えいに関する脆弱性が存在します。 |
| Possible impacts | 情報を取得される可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Jan. 24, 2017, midnight |
| Registration Date | Aug. 20, 2018, 10:28 a.m. |
| Last Update | Aug. 20, 2018, 10:28 a.m. |
| CVSS3.0 : 重要 | |
| Score | 7.5 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| CVSS2.0 : 警告 | |
| Score | 5 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| レッドハット |
| Red Hat Enterprise Linux |
| Red Hat Enterprise Linux Desktop |
| Red Hat Enterprise Linux Server |
| Red Hat Enterprise Linux Server AUS |
| Red Hat Enterprise Linux Server EUS |
| Red Hat Enterprise Linux Workstation |
| Mozilla Foundation |
| Mozilla Firefox 51 未満 |
| Mozilla Firefox ESR 45.7 未満 |
| Mozilla Thunderbird 45.7 未満 |
| Debian |
| Debian GNU/Linux |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2018年08月20日] 掲載 |
Aug. 20, 2018, 10:28 a.m. |
| Summary | Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. |
|---|---|
| Publication Date | June 12, 2018, 6:29 a.m. |
| Registration Date | Jan. 26, 2021, 1:25 p.m. |
| Last Update | Nov. 21, 2024, 12:27 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* | |||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* | 45.7.0 | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* | 51.0 | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* | 45.7.0 | ||||