Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-7802

Опубликовано: 08 авг. 2017
Источник: redhat
CVSS3: 9.8
EPSS Низкий

Описание

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

Дополнительная информация

Статус:

Important
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1479224Mozilla: Use-after-free resizing image elements (MFSA 2017-19)

EPSS

Процентиль: 86%
0.03042
Низкий

9.8 Critical

CVSS3

Связанные уязвимости

CVSS3: 9.8
ubuntu
около 7 лет назад

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 9.8
nvd
около 7 лет назад

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 9.8
debian
около 7 лет назад

A use-after-free vulnerability can occur when manipulating the DOM dur ...

CVSS3: 9.8
github
около 3 лет назад

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость функции mozilla::dom::ImageDocument::UpdateSizeFromLayout браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 86%
0.03042
Низкий

9.8 Critical

CVSS3