Описание
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 37.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [37.0+build2-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 37.0+build2-0ubuntu0.12.04.1 |
| trusty | released | 37.0+build2-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [37.0+build2-0ubuntu0.14.04.1] |
| upstream | released | 37.0 |
| utopic | released | 37.0+build2-0ubuntu0.14.10.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:31.6.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:31.6.0+build1-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 1:31.6.0+build1-0ubuntu0.12.04.1 |
| trusty | released | 1:31.6.0+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:31.6.0+build1-0ubuntu0.14.04.1] |
| upstream | released | 31.6.0 |
| utopic | released | 1:31.6.0+build1-0ubuntu0.14.10.1 |
Показывать по
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
Use-after-free vulnerability in the AppendElements function in Mozilla ...
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
EPSS
5.1 Medium
CVSS2