← Retour aux CVEs
CVE-2017-7804
N/ADescription
The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Details CVE
Score CVSS v3.1N/A
Publie6/11/2018
Derniere modification11/25/2025
Sourcenvd
Observations honeypot0
Produits affectes
microsoft:windowsmozilla:firefoxmozilla:thunderbird
Faiblesses (CWE)
CWE-20
References
http://www.securityfocus.com/bid/100234(security@mozilla.org)
http://www.securitytracker.com/id/1039124(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1372849(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-18/(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-19/(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-20/(security@mozilla.org)
http://www.securityfocus.com/bid/100234(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039124(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1372849(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-18/(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-19/(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-20/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.