Versions of Mozilla Firefox ESR earlier than 45.5.1 are unpatched for a use-after-free condition in ‘dom/smil/nsSMILTimeContainer.cpp’ that is triggered when handling SVG animations. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and execute arbitrary code.
Binary data 9852.prm
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox_esr | cpe:/a:mozilla:firefox_esr |