Описание
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 36.0+build2-0ubuntu4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [36.0+build2-0ubuntu0.14.04.4]] |
| lucid | ignored | end of life |
| precise | released | 36.0+build2-0ubuntu0.12.04.5 |
| trusty | released | 36.0+build2-0ubuntu0.14.04.4 |
| trusty/esm | DNE | trusty was released [36.0+build2-0ubuntu0.14.04.4] |
| upstream | released | 36 |
| utopic | released | 36.0+build2-0ubuntu0.14.10.4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:31.5.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:31.5.0+build1-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 1:31.5.0+build1-0ubuntu0.12.04.1 |
| trusty | released | 1:31.5.0+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:31.5.0+build1-0ubuntu0.14.04.1] |
| upstream | released | 31.5.0 |
| utopic | released | 1:31.5.0+build1-0ubuntu0.14.10.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in M ...
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
EPSS
4.3 Medium
CVSS2