Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mono | Mono | * | * |
Moonlight | Novell | 2.0 (including) | 2.0 (including) |
Moonlight | Novell | 2.3.0 (including) | 2.3.0 (including) |
Moonlight | Novell | 2.4 (including) | 2.4 (including) |
Moonlight | Novell | 2.31 (including) | 2.31 (including) |
Moonlight | Novell | 3.0 (including) | 3.0 (including) |
Moonlight | Novell | 3.99 (including) | 3.99 (including) |