{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T05:57:58.512","vulnerabilities":[{"cve":{"id":"CVE-2018-5159","sourceIdentifier":"security@mozilla.org","published":"2018-06-11T21:29:15.327","lastModified":"2025-11-25T17:50:16.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8."},{"lang":"es","value":"Puede ocurrir un desbordamiento de enteros en la biblioteca Skia debido al uso de números enteros de 32 bits en un array sin verificaciones de desbordamiento de enteros, resultando en posibles escrituras fuera de límites. Esto podría provocar un fallo potencialmente explotable desencadenable por el contenido web. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird, las versiones anteriores a la 52.8 de Thunderbird ESR, las versiones anteriores a la 60 de Firefox y las versiones anteriores a la 52.8 de Firefox ESR."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","matchCriteriaId":"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"BF77CDCF-B9C9-427D-B2BF-36650FB2148C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"52.8.0","matchCriteriaId":"7D3CA9AE-459C-4375-91EB-CD724368798D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"60.0","matchCriteriaId":"1AD89C37-DC57-40D3-80CE-5126A6C142E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"52.8.0","matchCriteriaId":"6216B631-0AF7-4438-8575-F23342715F8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"52.8.0","matchCriteriaId":"5B2A31F2-59B8-4342-B81D-E85DF72EE51A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","matchCriteriaId":"9070C9D8-A14A-467F-8253-33B966C16886"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104136","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040896","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1414","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1415","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1725","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1726","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1441941","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201810-01","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201811-13","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3645-1/","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3660-1/","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4199","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4209","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/44759/","source":"security@mozilla.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-11/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-12/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-13/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104136","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040896","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1414","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1415","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1725","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:1726","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1441941","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201810-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201811-13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3645-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3660-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4199","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4209","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/44759/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-11/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-12/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2018-13/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}