Описание
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 41.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [41.0+build3-0ubuntu0.14.04.1]] |
| precise | released | 41.0+build3-0ubuntu0.12.04.1 |
| trusty | released | 41.0+build3-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [41.0+build3-0ubuntu0.14.04.1] |
| upstream | released | 41.0 |
| vivid | released | 41.0+build3-0ubuntu0.15.04.1 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ...
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
Уязвимость браузера Firefox, позволяющая нарушителю обойти механизм защиты ECMAScript 5 (ES5) API и выполнить произвольный код
EPSS
9.3 Critical
CVSS2