10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.247 Low
EPSS
Percentile
96.7%
Use-after-free vulnerability in the JSDependentString::undepend function in
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6,
Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and
SeaMonkey before 2.11 allows remote attackers to cause a denial of service
(memory corruption) or possibly execute arbitrary code via vectors
involving strings with multiple dependencies.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | firefox | < 14.0.1+build1-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | firefox | < 14.0.1+build1-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | thunderbird | < 14.0+build1-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | thunderbird | < 14.0+build1-0ubuntu0.12.04.1 | UNKNOWN |