Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-29985

Опубликовано: 17 авг. 2021
Источник: debian
EPSS Низкий

Описание

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed91.0-1package
firefox-esrfixed78.13.0esr-1package
thunderbirdfixed1:78.13.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-33/#CVE-2021-29985

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/#CVE-2021-29985

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-36/#CVE-2021-29985

EPSS

Процентиль: 52%
0.00295
Низкий

Связанные уязвимости

CVSS3: 8.8
ubuntu
почти 4 года назад

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS3: 8.8
redhat
почти 4 года назад

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS3: 8.8
nvd
почти 4 года назад

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS3: 8.8
github
около 3 лет назад

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS3: 8.8
fstec
почти 4 года назад

Уязвимость метода MediaCacheStream::NotifyDataReceived почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код в целевой системе

EPSS

Процентиль: 52%
0.00295
Низкий