Design/Logic Flaw

2012-06-1819:55:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.7%

JSON

Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.

CPENameOperatorVersion
firefoxeq4.0 beta6
firefoxeq4.0 beta1
firefoxeq8.0
firefoxeq4.0 beta9
firefoxeq4.0 beta5
firefoxeq4.0 beta8
firefoxeq4.0 beta12
firefoxeq4.0 beta3
firefoxeq5.0.1
firefoxeq5.0

Name	Operator	Version
firefox	eq	4.0 beta6
firefox	eq	4.0 beta1
firefox	eq	8.0
firefox	eq	4.0 beta9
firefox	eq	4.0 beta5
firefox	eq	4.0 beta8
firefox	eq	4.0 beta12
firefox	eq	4.0 beta3
firefox	eq	5.0.1
firefox	eq	5.0