{"id":"CVE-2017-5445","details":"A vulnerability while parsing \"application/http-index-format\" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.","modified":"2026-04-16T01:44:41.304452623Z","published":"2018-06-11T21:29:06.280Z","related":["SUSE-SU-2017:1175-1","SUSE-SU-2017:1248-1","SUSE-SU-2017:1669-1","SUSE-SU-2017:2235-1","openSUSE-SU-2017:1268-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1106"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1201"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3831"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-10/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-12/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-13/"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038320"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1104"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-11/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97940"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1344467"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"fixed":"45.9.0"}]},{"events":[{"introduced":"0"},{"fixed":"53.0"}]},{"events":[{"introduced":"0"},{"last_affected":"52.0"}]},{"events":[{"introduced":"0"},{"fixed":"52.1.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5445.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}