header-logo
Suggest Exploit
vendor:
Firefox
by:
Google Security Research
7,5
CVSS
HIGH
Use-After-Free
416
CWE
Product Name: Firefox
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: 64-bit Windows
2020

Use-After-Free Vulnerability in Firefox for 64-bit Windows

The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows.

Mitigation:

Update to the latest version of Firefox for 64-bit Windows.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=629

The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39221.zip

Navigation

Suggest Exploit

Services By CQR