Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| webrtc_project | webrtc | - |
Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| webrtc_project | webrtc | - |
Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. The PeerConnectionState was set to failed, but a user could ignore that and continue to use the PeerConnection. )A WebRTC implementation shouldn't allow the user to continue if verification has failed.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webrtc_project | webrtc | * |
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apple | mac_os_x | 10.15.7 |
| webrtc_project | webrtc | - |
| apple | tvos | * |
| chrome | * | |
| apple | iphone_os | * |
| fedoraproject | extra_packages_for_enterprise_linux | 8.0 |
| wpewebkit | wpe_webkit | * |
| fedoraproject | fedora | 36 |
| apple | mac_os_x | * |
| webkitgtk | webkitgtk | * |
| fedoraproject | fedora | 35 |
| apple | macos | * |
| apple | ipados | * |
| apple | watchos | * |