The get_tile function in Mozilla Firefox prior to 33.0, Firefox ESR 31.x prior to 31.2, and Thunderbird 31.x prior to 31.2 allows remote malicious users to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 31.1.0 |
||
mozilla firefox esr 31.0 |
||
mozilla firefox 30.0 |
||
mozilla firefox 31.1.0 |
||
mozilla firefox 31.0 |
||
mozilla firefox |
||
mozilla thunderbird 31.0 |
||
mozilla thunderbird 31.1.0 |