10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.93 High
EPSS
Percentile
99.0%
Security research firm VUPEN, via TippingPoint’s Pwn2Own contest, reported that memory pressure during Garbage Collection could lead to memory corruption of TypeObjects in the JS engine, resulting in an exploitable use-after-free condition.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 28 | |
firefox esr | lt | 24.4 | |
seamonkey | lt | 2.25 | |
thunderbird | lt | 24.4 |