CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release.
memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker,
acting remotely, to execute arbitrary code using a specially crafted web page
Vulnerability in AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() and
AppendEncodedCharacters() functions of Mozilla Firefox, Firefox ESR and Thunderbird mail client are related to integer overflow.
with integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
remotely, to execute arbitrary code using a specially crafted web page
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client exists due to
failure to take measures to protect web page structure when processing html and body tags. Exploitation of the vulnerability
could allow a remote intruder to gain unauthorized access to protected information.
information
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to errors in the user interface.
in the presentation of information by the user interface. Exploitation of the vulnerability could allow
an attacker acting remotely to obtain permissions from a user
Vulnerability of Windows Error Reporter in Mozilla Firefox, Firefox ESR and Thunderbird email client.
Thunderbird email client of Windows operating systems is related to security configuration errors.
Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted web page.
Using a specially crafted web page