Описание
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 32.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [32.0+build1-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 32.0+build1-0ubuntu0.12.04.1 |
| trusty | released | 32.0+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [32.0+build1-0ubuntu0.14.04.1] |
| upstream | released | 32.0 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:31.1.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:31.1.1+build1-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 1:31.1.0+build2-0ubuntu0.12.04.1 |
| trusty | released | 1:31.1.1+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:31.1.1+build1-0ubuntu0.14.04.1] |
| upstream | released | 31.1.0 |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff ...
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
Уязвимость программного обеспечения Thunderbird, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
10 Critical
CVSS2