CVE-2016-9898

Опубликовано: 11 июн. 2018

Источник: debian

EPSS Низкий

Описание

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

Пакеты

Пакет	Статус	Версия исправления	Тип
firefox	fixed	50.1.0-1	package
firefox-esr	fixed	45.6.0esr-1	package
icedove	fixed	1:45.6.0-2	package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9898
https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9898

EPSS

Процентиль: 85%

0.0274

Низкий

Связанные уязвимости

CVE-2016-9898

CVSS3: 9.8

ubuntu

около 7 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2016-9898

CVSS3: 9.8

redhat

больше 8 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2016-9898

CVSS3: 9.8

nvd

около 7 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

GHSA-x35g-9jv4-ff77

CVSS3: 9.8

github

больше 3 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

SUSE-SU-2016:3223-1

suse-cvrf

больше 8 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 85%

0.0274

Низкий