Описание
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 36.0+build2-0ubuntu4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [36.0+build2-0ubuntu0.14.04.4]] |
| lucid | ignored | end of life |
| precise | released | 36.0+build2-0ubuntu0.12.04.5 |
| trusty | released | 36.0+build2-0ubuntu0.14.04.4 |
| trusty/esm | DNE | trusty was released [36.0+build2-0ubuntu0.14.04.4] |
| upstream | released | 36 |
| utopic | released | 36.0+build2-0ubuntu0.14.10.4 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefo ...
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
EPSS
6.8 Medium
CVSS2