| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
A use-after-free vulnerability can occur in Firefox before 57.0 and Thunderbird before 52.5 when flushing and resizing layout because the PressShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. |
|
| References |
| + |
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7828 |
| + |
https://bugzilla.mozilla.org/show_bug.cgi?id=1406750 |
| + |
https://bugzilla.mozilla.org/show_bug.cgi?id=1412252 |
|
| Notes |
|