Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AudioIPC StreamData could trigger a use-after-free in the Browser process
Vulnerability Description
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla多款产品 资源管理错误漏洞
Vulnerability Description
Mozilla Firefox等都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。 Mozilla多款产品存在资源管理错误漏洞,该漏洞源于释放后重用,可能导致沙箱逃逸。以下产品及版本受到影响:Firefox 136之前版本、Firefox ESR 115
CVSS Information
N/A
Vulnerability Type
N/A