6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.057 Low
EPSS
Percentile
93.3%
Security researchers Byoungyoung Lee, Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security Center (GTISC) reported a bad casting from the BasicThebesLayer to BasicContainerLayer, resulting in undefined behavior. This behavior is potentially exploitable with some compilers but no clear mechanism to trigger it through web content was identified.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 34 | |
firefox esr | lt | 31.3 | |
firefox os | lt | 2.2 | |
seamonkey | lt | 2.31 | |
thunderbird | lt | 31.3 |