CVE-2018-5097
CVSS v3.0
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.42 % (75th)
Affected Products
10
Advisories
19
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2018-06-11 21:29:12
(6 years ago) - Updated Date
-
2018-08-03 16:55:03
(6 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Configuration #6
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...