Описание
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 28.0+build2-0ubuntu1 |
| lucid | ignored | end of life |
| precise | released | 28.0+build2-0ubuntu0.12.04.1 |
| quantal | released | 28.0+build2-0ubuntu0.12.10.1 |
| saucy | released | 28.0+build2-0ubuntu0.13.10.1 |
| upstream | released | 28.0 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:24.4.0+build1-0ubuntu1 |
| lucid | ignored | end of life |
| precise | released | 1:24.4.0+build1-0ubuntu0.12.04.1 |
| quantal | released | 1:24.4.0+build1-0ubuntu0.12.10.1 |
| saucy | released | 1:24.4.0+build1-0ubuntu0.13.10.2 |
| upstream | released | 24.4.0 |
Показывать по
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 2 ...
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
Уязвимость пакета программ Mozilla SeaMonkey, позволяющая злоумышленнику выполнить произвольный код, получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3