Описание
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
Отчет
Not vulnerable. This issue does not affect the version of Firefox and Thunderbird package, as shipped with Red Hat Enterprise Linux 5, 6 and 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Not affected | ||
| Red Hat Enterprise Linux 5 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 6 | firefox | Not affected | ||
| Red Hat Enterprise Linux 6 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 7 | firefox | Not affected | ||
| Red Hat Enterprise Linux 7 | thunderbird | Not affected |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS2
Связанные уязвимости
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent functio ...
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании
6.8 Medium
CVSS2