CVE-2018-18500 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | A use-after-free vulnerability has been found in Firefox < 65.0, that can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-862 | firefox | 64.0.2-1 | 65.0-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
06 Feb 2019 | ASA-201902-2 | AVG-862 | firefox | Critical | multiple issues |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18500 https://bugzilla.mozilla.org/show_bug.cgi?id=1510114 |