Описание
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | windows only |
| hardy | ignored | end of life |
| lucid | not-affected | windows only |
| maverick | not-affected | windows only |
| natty | not-affected | windows only |
| oneiric | not-affected | windows only |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | windows only |
| hardy | ignored | end of life |
| lucid | not-affected | windows only |
| maverick | not-affected | windows only |
| natty | not-affected | windows only |
| oneiric | not-affected | windows only |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | windows only |
| hardy | ignored | end of life |
| lucid | not-affected | windows only |
| maverick | not-affected | windows only |
| natty | not-affected | windows only |
| oneiric | not-affected | windows only |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | not-affected | windows only |
| maverick | not-affected | windows only |
| natty | not-affected | windows only |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | ignored | end of life |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Fire ...
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
7.5 High
CVSS2