Описание
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 6 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 7 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 5 | firefox | Fixed | RHSA-2016:1551 | 03.08.2016 |
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2016:1551 | 03.08.2016 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2016:1551 | 03.08.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
5.1 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening func ...
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
EPSS
8.8 High
CVSS3
5.1 Medium
CVSS2