Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7 on Windows allows remote malicious users to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla firefox_esr 24.6 |
||
mozilla thunderbird 24.2 |
||
mozilla thunderbird 24.3 |
||
mozilla firefox_esr 24.2 |
||
mozilla firefox_esr 24.3 |
||
mozilla thunderbird 24.0 |
||
mozilla thunderbird 24.0.1 |
||
mozilla firefox_esr 24.0.1 |
||
mozilla firefox_esr 24.0.2 |
||
mozilla firefox |
||
mozilla thunderbird |
||
mozilla thunderbird 24.5 |
||
mozilla thunderbird 24.4 |
||
mozilla firefox_esr 24.0 |
||
mozilla firefox_esr 24.4 |
||
mozilla firefox_esr 24.5 |
||
mozilla thunderbird 24.1 |
||
mozilla thunderbird 24.1.1 |
||
mozilla firefox_esr 24.1.0 |
||
mozilla firefox_esr 24.1.1 |
Vulmon