First published: Tue Mar 07 2017(Updated: )
When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | <52 | 52 |
Mozilla Thunderbird | <52 | 52 |
Mozilla Thunderbird | <52.0 | |
Mozilla Firefox | <52.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)