Use-after-free vulnerability in the AppendElements function in Mozilla Firefox prior to 37.0, Firefox ESR 31.x prior to 31.6, and Thunderbird prior to 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla firefox |
||
mozilla firefox_esr |