1
PublicDateAtUSN: 2017-08-10
2
Candidate: CVE-2017-7802
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
6
https://usn.ubuntu.com/usn/usn-3391-1
7
https://usn.ubuntu.com/usn/usn-3416-1
9
A use-after-free vulnerability can occur when manipulating the DOM during
10
the resize event of an image element. If these elements have been freed due
11
to a lack of strong references, a potentially exploitable crash may occur
12
when the freed elements are accessed. This vulnerability affects
13
Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
16
tyhicks> mozjs38 contains a copy of the SpiderMonkey JavaScript engine
20
Assigned-to: chrisccoulson
23
upstream_firefox: released (55.0)
24
precise/esm_firefox: DNE
25
trusty_firefox: released (55.0.1+build2-0ubuntu0.14.04.2)
26
vivid/ubuntu-core_firefox: DNE
27
xenial_firefox: released (55.0.1+build2-0ubuntu0.16.04.2)
28
zesty_firefox: released (55.0.1+build2-0ubuntu0.17.04.2)
29
artful_firefox: released (55.0.2+build1-0ubuntu4)
30
bionic_firefox: released (55.0.2+build1-0ubuntu4)
31
devel_firefox: released (55.0.2+build1-0ubuntu4)
34
Priority_thunderbird: low
35
upstream_thunderbird: released (52.3.0)
36
precise/esm_thunderbird: DNE
37
trusty_thunderbird: released (1:52.3.0+build1-0ubuntu0.14.04.1)
38
vivid/ubuntu-core_thunderbird: DNE
39
xenial_thunderbird: released (1:52.3.0+build1-0ubuntu0.16.04.1)
40
zesty_thunderbird: released (1:52.3.0+build1-0ubuntu0.17.04.1)
41
artful_thunderbird: released (1:52.4.0+build1-0ubuntu2)
42
bionic_thunderbird: released (1:52.4.0+build1-0ubuntu2)
43
devel_thunderbird: released (1:52.4.0+build1-0ubuntu2)
46
upstream_mozjs38: needs-triage
47
precise/esm_mozjs38: DNE
49
vivid/ubuntu-core_mozjs38: DNE
51
zesty_mozjs38: ignored (reached end-of-life)
52
artful_mozjs38: needs-triage
53
bionic_mozjs38: needs-triage
54
devel_mozjs38: needs-triage