Описание
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 29.0+build1-0ubuntu0.14.04.2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [29.0+build1-0ubuntu0.14.04.2]] |
| lucid | ignored | end of life |
| precise | released | 29.0+build1-0ubuntu0.12.04.2 |
| quantal | released | 29.0+build1-0ubuntu0.12.10.3 |
| saucy | released | 29.0+build1-0ubuntu0.13.10.3 |
| trusty | released | 29.0+build1-0ubuntu0.14.04.2 |
| trusty/esm | DNE | trusty was released [29.0+build1-0ubuntu0.14.04.2] |
| upstream | released | 29.0 |
Показывать по
9.3 Critical
CVSS2
Связанные уязвимости
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before ...
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
Уязвимость программного обеспечения SeaMonkey, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
9.3 Critical
CVSS2