Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-12360

Опубликовано: 26 июн. 2018
Источник: redhat
CVSS3: 8.8
EPSS Низкий

Описание

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 8thunderbirdNot affected
Red Hat Enterprise Linux 6firefoxFixedRHSA-2018:211228.06.2018
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2018:225124.07.2018
Red Hat Enterprise Linux 7firefoxFixedRHSA-2018:211328.06.2018
Red Hat Enterprise Linux 7thunderbirdFixedRHSA-2018:225224.07.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1595025Mozilla: Use-after-free using focus()

EPSS

Процентиль: 85%
0.02562
Низкий

8.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-12360

CVSS3: 8.8
ubuntu
около 7 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

nvd логотип

CVE-2018-12360

CVSS3: 8.8
nvd
около 7 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

debian логотип

CVE-2018-12360

CVSS3: 8.8
debian
около 7 лет назад

A use-after-free vulnerability can occur when deleting an input elemen ...

github логотип

GHSA-wm4w-v52h-8qfc

CVSS3: 8.8
github
больше 3 лет назад

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

fstec логотип

BDU:2019-03462

CVSS3: 8.8
fstec
больше 7 лет назад

Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 85%
0.02562
Низкий

8.8 High

CVSS3