FILE-MULTIMEDIA libvorbis VORBIS audio data out of bounds write attempt
This event is generated when an attacker attempts to exploit an out of bounds write vulnerability in Vorbis audio data.
Allows unauthorized disclosure of information
CVSS base score 8.8
CVSS impact score 5.9
CVSS exploitability score 2.8
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
CVE-2018-5146: An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.