Описание
A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1:60.6.1+build2-0ubuntu0.18.04.1 |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty/esm | DNE | |
| upstream | released | 1:60.5.0-1 |
| xenial | not-affected | 1:60.6.1+build2-0ubuntu0.16.04.1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.
A use-after-free vulnerability can occur while playing a sound notific ...
A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.
7.5 High
CVSS2
9.8 Critical
CVSS3