Lucene search

K
mozillaMozilla FoundationMFSA2010-66
HistoryOct 19, 2010 - 12:00 a.m.

Use-after-free error in nsBarProp — Mozilla

2010-10-1900:00:00
Mozilla Foundation
www.mozilla.org
14

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.168 Low

EPSS

Percentile

95.9%

Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window’s memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property could result in the execution of attacker-controlled memory.

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.168 Low

EPSS

Percentile

95.9%

Related for MFSA2010-66