[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2017-7818Date: (C)2018-06-14   (M)2018-06-13


A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score :
Exploit Score: Exploit Score:
Impact Score: Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector:
Attack Complexity: Access Complexity:
Privileges Required: Authentication:
User Interaction: Confidentiality:
Scope: Integrity:
Confidentiality: Availability:
Integrity:  
Availability:  
  
Reference:
BID-101055
SECTRACK-1039465
DSA-3987
DSA-4014
GLSA-201803-14
RHSA-2017:2831
RHSA-2017:2885
https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1363723
https://www.mozilla.org/security/advisories/mfsa2017-21/
https://www.mozilla.org/security/advisories/mfsa2017-22/
https://www.mozilla.org/security/advisories/mfsa2017-23/

OVAL    21
oval:org.secpod.oval:def:42422
oval:org.secpod.oval:def:42421
oval:org.secpod.oval:def:603119
oval:org.secpod.oval:def:603148
...

© SecPod Technologies