Описание
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 40.0+build4-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [40.0+build4-0ubuntu0.14.04.1]] |
| precise | released | 40.0+build4-0ubuntu0.12.04.1 |
| trusty | released | 40.0+build4-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [40.0+build4-0ubuntu0.14.04.1] |
| upstream | released | 40.0 |
| vivid | released | 40.0+build4-0ubuntu0.15.04.1 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
Use-after-free vulnerability in the XMLHttpRequest::Open implementatio ...
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код при помощи объекта
7.5 High
CVSS2