Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2016-1960

Source

Mozilla Foundation Security Advisory 2016-23

Use-after-free in HTML5 string parser

Announced

March 8, 2016

Reporter

ca0nguyen

Impact

Critical

Products

Firefox, Firefox ESR, Thunderbird

Fixed in

Firefox 45
Firefox ESR 38.7
Thunderbird 38.7
Thunderbird 45

Description

Security researcher ca0nguyen, working with HP's Zero Day Initiative, reported a use-after-free issue in the HTML5 string parser when parsing a particular set of table-related tags in a foreign fragment context such as SVG. This results in a potentially exploitable crash.

In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.

References

ZDI-CAN-3545: Mozilla Firefox nsHtml5TreeBuilder Array Indexing Remote Code Execution Vulnerability (CVE-2016-1960)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Use-after-free in HTML5 string parser

Use-after-free in HTML5 string parser

Description

References

Vulmon Search

About

Products

Connect