Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-12360

Опубликовано: 18 окт. 2018
Источник: debian

Описание

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefox-esrfixed52.9.0esr-1package
firefoxfixed61.0-1package
thunderbirdfixed1:52.9.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12360

  • https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12360

  • https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12360

Связанные уязвимости

ubuntu логотип

CVE-2018-12360

CVSS3: 8.8
ubuntu
около 7 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

redhat логотип

CVE-2018-12360

CVSS3: 8.8
redhat
больше 7 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

nvd логотип

CVE-2018-12360

CVSS3: 8.8
nvd
около 7 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

github логотип

GHSA-wm4w-v52h-8qfc

CVSS3: 8.8
github
больше 3 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

fstec логотип

BDU:2019-03462

CVSS3: 8.8
fstec
больше 7 лет назад

Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации