Описание
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 48.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [48.0+build2-0ubuntu0.14.04.1]] |
| precise | released | 48.0+build2-0ubuntu0.12.04.1 |
| trusty | released | 48.0+build2-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [48.0+build2-0ubuntu0.14.04.1] |
| upstream | released | 48 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 48.0+build2-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | not-affected | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected |
Показывать по
7.5 High
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
Integer overflow in the WebSocketChannel class in the WebSockets subsy ...
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
7.5 High
CVSS2
8.8 High
CVSS3