CVE-2017-7828

Summary

A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 57affected
MozillaFirefox ESRunspecified < 52.5affected
MozillaThunderbirdunspecified < 52.5affected

Weaknesses

  • Use-after-free of PressShell while restyling layout

ADP Enrichment

CVE Program Container

Additional References

References