Описание
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 41.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [41.0+build3-0ubuntu0.14.04.1]] |
| precise | released | 41.0+build3-0ubuntu0.12.04.1 |
| trusty | released | 41.0+build3-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [41.0+build3-0ubuntu0.14.04.1] |
| upstream | released | 41.0 |
| vivid | released | 41.0+build3-0ubuntu0.15.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:38.3.0+build1-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:38.3.0+build1-0ubuntu0.14.04.1]] |
| precise | released | 1:38.3.0+build1-0ubuntu0.12.04.1 |
| trusty | released | 1:38.3.0+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:38.3.0+build1-0ubuntu0.14.04.1] |
| upstream | released | 38.3.0 |
| vivid | released | 1:38.3.0+build1-0ubuntu0.15.04.1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
Use-after-free vulnerability in the HTMLVideoElement interface in Mozi ...
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код
EPSS
7.5 High
CVSS2