When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 63.0 (excluding) |
Firefox_esr | Mozilla | * | 60.3.0 (excluding) |
Thunderbird | Mozilla | * | 60.3.0 (excluding) |