Vulnerabilities > CVE-2018-12292 - Use After Free vulnerability in Palemoon Pale Moon
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Pale Moon Browser < 27.9.3 - Use After Free (PoC). CVE-2018-12292. Local exploit for Windows platform |
| file | exploits/windows/local/44900.txt |
| id | EDB-ID:44900 |
| last seen | 2018-06-18 |
| modified | 2018-06-18 |
| platform | windows |
| port | |
| published | 2018-06-18 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/44900/ |
| title | Pale Moon Browser < 27.9.3 - Use After Free (PoC) |
| type | local |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/148228/palemoonbrowser-uaf.txt |
| id | PACKETSTORM:148228 |
| last seen | 2018-06-19 |
| published | 2018-06-18 |
| reporter | Berk Cem Goksel |
| source | https://packetstormsecurity.com/files/148228/Pale-Moon-Browser-Use-After-Free.html |
| title | Pale Moon Browser Use-After-Free |