PT-2018-11099 · Moonchild Productions · Pale Moon

Berk Cem Göksel

Published

2018-06-13

Updated

2018-08-11

CVE-2018-12292

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pale Moon versions prior to 27.9.3

Description A use-after-free issue exists in the DOMProxyHandler::EnsureExpandoObject function.

Recommendations For versions prior to 27.9.3, update to version 27.9.3 or later to resolve the issue.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2018-12292

Pale Moon