CVE-2016-9898

Опубликовано: 14 дек. 2016

Источник: redhat

CVSS3: 9.8

CVSS2: 5.1

Описание

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	thunderbird	Not affected
Red Hat Enterprise Linux 6	thunderbird	Not affected
Red Hat Enterprise Linux 7	thunderbird	Not affected
Red Hat Enterprise Linux 5	firefox	Fixed	RHSA-2016:2946	14.12.2016
Red Hat Enterprise Linux 6	firefox	Fixed	RHSA-2016:2946	14.12.2016
Red Hat Enterprise Linux 7	firefox	Fixed	RHSA-2016:2946	14.12.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1404089Mozilla: Use-after-free in Editor while manipulating DOM subtrees (MFSA 2016-94, MFSA 2016-95)

9.8 Critical

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2016-9898

CVSS3: 9.8

ubuntu

около 7 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2016-9898

CVSS3: 9.8

nvd

около 7 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2016-9898

CVSS3: 9.8

debian

около 7 лет назад

Use-after-free resulting in potentially exploitable crash when manipul ...

GHSA-x35g-9jv4-ff77

CVSS3: 9.8

github

больше 3 лет назад

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

SUSE-SU-2016:3223-1

suse-cvrf

больше 8 лет назад

Security update for MozillaFirefox

9.8 Critical

CVSS3

5.1 Medium

CVSS2