Описание
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 102.0+build2-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 102.0+build2-0ubuntu0.20.04.1 |
| impish | released | 102.0+build2-0ubuntu0.21.10.1 |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| lunar | not-affected | code not present |
| trusty | DNE | |
| upstream | released | 102 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:91.11.0+build2-0ubuntu0.18.04.1 |
| devel | released | 1:91.11.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:91.11.0+build2-0ubuntu0.20.04.1 |
| impish | released | 1:91.11.0+build2-0ubuntu0.21.10.1 |
| jammy | released | 1:91.11.0+build2-0ubuntu0.22.04.1 |
| kinetic | released | 1:91.11.0+build1-0ubuntu1 |
| lunar | released | 1:91.11.0+build1-0ubuntu1 |
| trusty | ignored | end of standard support |
Показывать по
8.8 High
CVSS3
Связанные уязвимости
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
If an object prototype was corrupted by an attacker, they would have b ...
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Уязвимость почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, связанная с неправильной проверкой ввода при обработке атрибутов JavaScript, позволяющая нарушителю выполнить произвольный код JavaScript
8.8 High
CVSS3