The crypto.signText function in Mozilla Firefox and Thunderbird prior to 1.5.0.4 allows remote malicious users to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla firefox |