The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla seamonkey |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 13.10 |
||
canonical ubuntu linux 14.04 |
||
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
fedoraproject fedora 19 |