Описание
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 5 | thunderbird | Will not fix | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2017:1104 | 20.04.2017 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2017:1201 | 08.05.2017 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2017:1106 | 21.04.2017 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2017:1201 | 08.05.2017 |
Показывать по
Дополнительная информация
Статус:
9.8 Critical
CVSS3
Связанные уязвимости
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
A use-after-free vulnerability during XSLT processing due to the resul ...
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Уязвимость функции nsAutoPtr браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
9.8 Critical
CVSS3