CVE-2017-5437

Upstream information

CVE-2017-5437 at MITRE

Description

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-2016-10197. Reason: This candidate is a duplicate of CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. Notes: All CVE users should reference CVE-2016-10195, CVE-2016-10196, and/or CVE-2016-10197 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

SUSE information

CVSS v2 Scores
	SUSE
Base Score	1.85
Vector	AV:L/AC:M/Au:N/C:N/I:N/A:P
Access Vector	Local
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 1035082 [NEW], 1035209 [RESOLVED / INVALID]

SUSE Security Advisories:

SUSE-SU-2017:1175-1, published Thu, 4 May 2017 15:13:58 +0200 (CEST)
SUSE-SU-2017:1248-1, published Thu, 11 May 2017 21:15:07 +0200 (CEST)
openSUSE-SU-2017:1196-1, published Sun, 7 May 2017 00:11:24 +0200 (CEST)
openSUSE-SU-2017:1268-1, published Mon, 15 May 2017 18:20:49 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12 SP1	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `java-1_8_0-openjdk >= 1.8.0.121-23.4` `java-1_8_0-openjdk-headless >= 1.8.0.121-23.4` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-DESKTOP-12-SP1-2017-748
SUSE Linux Enterprise Desktop 12 SP2	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `java-1_8_0-openjdk >= 1.8.0.121-23.4` `java-1_8_0-openjdk-headless >= 1.8.0.121-23.4` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-748
SUSE Linux Enterprise Point of Sale 11 SP3	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1`	Patchnames: sleposp3-MozillaFirefox-13090
SUSE Linux Enterprise Server 11 SP3-LTSS	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libfreebl3-32bit >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `libsoftokn3-32bit >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-32bit >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-32bit >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1`	Patchnames: slessp3-MozillaFirefox-13090
SUSE Linux Enterprise Server 11 SP4	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libfreebl3-32bit >= 3.29.5-46.1` `libfreebl3-x86 >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `libsoftokn3-32bit >= 3.29.5-46.1` `libsoftokn3-x86 >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-32bit >= 4.13.1-32.1` `mozilla-nspr-x86 >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-32bit >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1` `mozilla-nss-x86 >= 3.29.5-46.1`	Patchnames: slessp4-MozillaFirefox-13090
SUSE Linux Enterprise Server 12 SP1	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `java-1_8_0-openjdk >= 1.8.0.121-23.4` `java-1_8_0-openjdk-demo >= 1.8.0.121-23.4` `java-1_8_0-openjdk-devel >= 1.8.0.121-23.4` `java-1_8_0-openjdk-headless >= 1.8.0.121-23.4` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libfreebl3-hmac >= 3.29.5-57.1` `libfreebl3-hmac-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `libsoftokn3-hmac >= 3.29.5-57.1` `libsoftokn3-hmac-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SERVER-12-SP1-2017-748
SUSE Linux Enterprise Server 12 SP2	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `java-1_8_0-openjdk >= 1.8.0.121-23.4` `java-1_8_0-openjdk-demo >= 1.8.0.121-23.4` `java-1_8_0-openjdk-devel >= 1.8.0.121-23.4` `java-1_8_0-openjdk-headless >= 1.8.0.121-23.4` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libfreebl3-hmac >= 3.29.5-57.1` `libfreebl3-hmac-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `libsoftokn3-hmac >= 3.29.5-57.1` `libsoftokn3-hmac-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SERVER-12-SP2-2017-748
SUSE Linux Enterprise Server 12-LTSS	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-devel >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libfreebl3-hmac >= 3.29.5-57.1` `libfreebl3-hmac-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `libsoftokn3-hmac >= 3.29.5-57.1` `libsoftokn3-hmac-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nspr-devel >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-devel >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SERVER-12-2017-748
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `java-1_8_0-openjdk >= 1.8.0.121-23.4` `java-1_8_0-openjdk-demo >= 1.8.0.121-23.4` `java-1_8_0-openjdk-devel >= 1.8.0.121-23.4` `java-1_8_0-openjdk-headless >= 1.8.0.121-23.4` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-hmac >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-hmac >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-RPI-12-SP2-2017-748
SUSE Linux Enterprise Software Development Kit 11 SP4	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-devel >= 45.9.0esr-71.2` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-devel >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-devel >= 3.29.5-46.1`	Patchnames: sdksp4-MozillaFirefox-13090
SUSE Linux Enterprise Software Development Kit 12 SP1	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-devel >= 45.9.0esr-105.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-devel >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-devel >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SDK-12-SP1-2017-748
SUSE Linux Enterprise Software Development Kit 12 SP2	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-devel >= 45.9.0esr-105.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-devel >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-devel >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SDK-12-SP2-2017-748
SUSE Linux Enterprise for SAP 12	`MozillaFirefox >= 45.9.0esr-105.1` `MozillaFirefox-devel >= 45.9.0esr-105.1` `MozillaFirefox-translations >= 45.9.0esr-105.1` `libfreebl3 >= 3.29.5-57.1` `libfreebl3-32bit >= 3.29.5-57.1` `libfreebl3-hmac >= 3.29.5-57.1` `libfreebl3-hmac-32bit >= 3.29.5-57.1` `libsoftokn3 >= 3.29.5-57.1` `libsoftokn3-32bit >= 3.29.5-57.1` `libsoftokn3-hmac >= 3.29.5-57.1` `libsoftokn3-hmac-32bit >= 3.29.5-57.1` `mozilla-nspr >= 4.13.1-18.1` `mozilla-nspr-32bit >= 4.13.1-18.1` `mozilla-nspr-devel >= 4.13.1-18.1` `mozilla-nss >= 3.29.5-57.1` `mozilla-nss-32bit >= 3.29.5-57.1` `mozilla-nss-certs >= 3.29.5-57.1` `mozilla-nss-certs-32bit >= 3.29.5-57.1` `mozilla-nss-devel >= 3.29.5-57.1` `mozilla-nss-sysinit >= 3.29.5-57.1` `mozilla-nss-sysinit-32bit >= 3.29.5-57.1` `mozilla-nss-tools >= 3.29.5-57.1`	Patchnames: SUSE-SLE-SAP-12-2017-748
SUSE Manager 2.1	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libfreebl3-32bit >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `libsoftokn3-32bit >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-32bit >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-32bit >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1`	Patchnames: sleman21-MozillaFirefox-13090
SUSE Manager Proxy 2.1	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libfreebl3-32bit >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `libsoftokn3-32bit >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-32bit >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-32bit >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1`	Patchnames: slemap21-MozillaFirefox-13090
SUSE OpenStack Cloud 5	`MozillaFirefox >= 45.9.0esr-71.2` `MozillaFirefox-translations >= 45.9.0esr-71.2` `libfreebl3 >= 3.29.5-46.1` `libfreebl3-32bit >= 3.29.5-46.1` `libsoftokn3 >= 3.29.5-46.1` `libsoftokn3-32bit >= 3.29.5-46.1` `mozilla-nspr >= 4.13.1-32.1` `mozilla-nspr-32bit >= 4.13.1-32.1` `mozilla-nss >= 3.29.5-46.1` `mozilla-nss-32bit >= 3.29.5-46.1` `mozilla-nss-tools >= 3.29.5-46.1`	Patchnames: sleclo50sp3-MozillaFirefox-13090
openSUSE Leap 42.1	`MozillaThunderbird >= 52.1.0-42.1` `MozillaThunderbird-buildsymbols >= 52.1.0-42.1` `MozillaThunderbird-debuginfo >= 52.1.0-42.1` `MozillaThunderbird-debugsource >= 52.1.0-42.1` `MozillaThunderbird-devel >= 52.1.0-42.1` `MozillaThunderbird-translations-common >= 52.1.0-42.1` `MozillaThunderbird-translations-other >= 52.1.0-42.1`	Patchnames: openSUSE-2017-545
openSUSE Leap 42.2	`MozillaThunderbird >= 52.1.0-41.3.1` `MozillaThunderbird-buildsymbols >= 52.1.0-41.3.1` `MozillaThunderbird-debuginfo >= 52.1.0-41.3.1` `MozillaThunderbird-debugsource >= 52.1.0-41.3.1` `MozillaThunderbird-devel >= 52.1.0-41.3.1` `MozillaThunderbird-translations-common >= 52.1.0-41.3.1` `MozillaThunderbird-translations-other >= 52.1.0-41.3.1`	Patchnames: openSUSE-2017-545