CVE-2017-5375

CRITICAL

Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Memory Corruption

Title source: llm

Description

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Rh0 · htmlremotewindows
https://www.exploit-db.com/exploits/44293
exploitdb WORKING POC VERIFIED
by Rh0 · htmlremotewindows
https://www.exploit-db.com/exploits/44294
exploitdb WORKING POC
by Rh0 · htmlremotewindows
https://www.exploit-db.com/exploits/42327

References (15)

Scores

CVSS v3 9.8
EPSS 0.6074
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (12)
debian/debian_linux 8.0
mozilla/firefox < 45.7.0
mozilla/thunderbird < 45.7.0
redhat/enterprise_linux_desktop 5.0
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 5.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_workstation 5.0
... and 2 more
Published Jun 11, 2018
Tracked Since Feb 18, 2026