Описание
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 36.0+build2-0ubuntu4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [36.0+build2-0ubuntu0.14.04.4]] |
| lucid | ignored | end of life |
| precise | released | 36.0+build2-0ubuntu0.12.04.5 |
| trusty | released | 36.0+build2-0ubuntu0.14.04.4 |
| trusty/esm | DNE | trusty was released [36.0+build2-0ubuntu0.14.04.4] |
| upstream | released | 36 |
| utopic | released | 36.0+build2-0ubuntu0.14.10.4 |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
Mozilla Firefox before 36.0 does not properly restrict transitions of ...
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
EPSS
2.6 Low
CVSS2