Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:11073
HistoryJan 15, 2019 - 8:56 a.m.

Remote Code Execution (RCE)

2019-01-1508:56:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

EPSS

0.019

Percentile

88.7%

Mozilla Firefox and Thunderbird is vulnerable to remote code execution. A use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function allows a remote attacker to execute arbitrary code on a victim’s system using a malicious web script. The code is executed when the victim visits and loads the malicious page that is hosted on an attacker-controlled server.