Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5264

Опубликовано: 02 авг. 2016
Источник: redhat
CVSS3: 8.8
CVSS2: 5.1
EPSS Низкий

Описание

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 5firefoxFixedRHSA-2016:155103.08.2016
Red Hat Enterprise Linux 6firefoxFixedRHSA-2016:155103.08.2016
Red Hat Enterprise Linux 7firefoxFixedRHSA-2016:155103.08.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1361992Mozilla: Use-after-free when applying SVG effects (MFSA 2016-79)

EPSS

Процентиль: 76%
0.01033
Низкий

8.8 High

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5264

CVSS3: 8.8
ubuntu
почти 9 лет назад

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

nvd логотип

CVE-2016-5264

CVSS3: 8.8
nvd
почти 9 лет назад

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

debian логотип

CVE-2016-5264

CVSS3: 8.8
debian
почти 9 лет назад

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildL ...

github логотип

GHSA-vj6g-r2j4-3gp8

CVSS3: 8.8
github
около 3 лет назад

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

fstec логотип

BDU:2016-01913

fstec
почти 9 лет назад

Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 76%
0.01033
Низкий

8.8 High

CVSS3

5.1 Medium

CVSS2