9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.168 Low
EPSS
Percentile
95.9%
Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window’s memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property could result in the execution of attacker-controlled memory.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 3.5.14 | |
firefox | lt | 3.6.11 | |
seamonkey | lt | 2.0.9 | |
thunderbird | lt | 3.0.9 | |
thunderbird | lt | 3.1.5 |