CVE-2018-12292
CRITICALPale Moon <27.9.3 - Use After Free
Title source: llmDescription
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3.
Exploits (1)
exploitdb
WORKING POC
by Berk Cem Göksel · textlocalwindows
https://www.exploit-db.com/exploits/44900
Scores
CVSS v3
9.8
EPSS
0.1131
EPSS Percentile
93.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (1)
palemoon/pale_moon
< 27.9.3
Published
Jun 13, 2018
Tracked Since
Feb 18, 2026