CVE-2017-5403

Priority
Description
When adding a range to an object in the DOM, it is possible to use
"addRange" to add the range to an incorrect root object. This triggers a
use-after-free, resulting in a potentially exploitable crash. This
vulnerability affects Firefox < 52 and Thunderbird < 52.
Assigned-to
chrisccoulson
Package
Upstream:released (52.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (52.0+build2-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0+build2-0ubuntu0.16.04.1)
More Information

Updated: 2018-10-31 21:26:55 UTC (commit cfa7cf69d76449ccff972ac22f40976a08d908c2)