Уязвимость DoS атаки и возможного выполнения произвольного кода в браузерных движках Mozilla Firefox, Thunderbird и SeaMonkey
Описание
Несколько неуточнённых уязвимостей в движке браузера позволяют злоумышленникам вызвать DoS атаку (повреждение памяти и аварийное завершение работы приложения) или возможно выполнить произвольный код через неопределенные векторы.
Затронутые версии ПО
- Mozilla Firefox версий до 3.6.28 и с 4.x по 10.0
- Firefox ESR версии 10.x до 10.0.3
- Thunderbird версий до 3.1.20 и с 5.0 по 10.0
- Thunderbird ESR версии 10.x до 10.0.3
- SeaMonkey версий до 2.8
Тип уязвимости
- Повреждение памяти
- Возможное выполнение произвольного кода
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
EPSS
7.5 High
CVSS2