Lucene search

K
mozillaMozilla FoundationMFSA2012-41
HistoryJun 18, 2012 - 12:00 a.m.

Use-after-free in nsHTMLSelectElement — Mozilla

2012-06-1800:00:00
Mozilla Foundation
www.mozilla.org
15

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.1%

Security researcher regenrecht reported a flaw that affected Firefox versions 4 through 8 via TippingPoint’s Zero Day Initiative. This flaw is a use-after-free in nsHTMLSelectElement when the parent node of the element is no longer active and could allow for possible remote code execution.

Affected configurations

Vulners
Node
mozillafirefoxRange<9
OR
mozillaseamonkeyRange<2.6
OR
mozillathunderbirdRange<9
CPENameOperatorVersion
firefoxlt9
seamonkeylt2.6
thunderbirdlt9

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.1%