CVE-2017-5440 log
Source |
|
Severity | High |
Remote | Yes |
Type | Arbitrary code execution |
Description | A use-after-free vulnerability has been found in Firefox < 53, during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-249 | firefox | 52.0.2-1 | 53.0-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
21 Apr 2017 | ASA-201704-6 | AVG-249 | firefox | Critical | multiple issues |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5440 https://bugzilla.mozilla.org/show_bug.cgi?id=1336832 |