Thunderbird, Firefox - (bulletinoct2017)ID: oval:org.secpod.oval:def:2101326 | Date: (C)2020-01-18 (M)2022-09-02 |
Class: PATCH | Family: unix |
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
Product: |
web/data/firefox-bookmarks |
web/browser/firefox |
web/browser/firefox/plugin/firefox-java |
mail/thunderbird |
mail/thunderbird/plugin/thunderbird-lightning |