- Home
- CVEs with nessus.description==The version of Mozilla Firefox installed on the remote Windows host is
48.x or 49.x prior to 49.0.2. It is, therefore, affected by multiple
vulnerabilities :
- A use-after-free error exists in the
nsTArray_base<T>::SwapArrayElements() function during
actor destruction with service workers. An
unauthenticated, remote attacker can exploit this to
dereference already freed memory, resulting in the
execution of arbitrary code. Note that this
vulnerability only affects version 49.x prior to
49.0.2. (CVE-2016-5287)
- An information disclosure vulnerability exists due to an
unspecified flaw when e10s is disabled. An
unauthenticated, remote attacker can exploit this, via
specially crafted web content, to disclose sensitive
information in the HTTP cache regarding visited URLs and
their content. Note that this vulnerability only affects
version 48.x or 49.x prior to 49.0.2. (CVE-2016-5288)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top