Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox prior to 40.0.3 and Firefox ESR 38.x prior to 38.2.1 allows remote malicious users to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.1.0 |
||
mozilla firefox 40.0.2 |
||
mozilla firefox esr 38.0 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox esr 38.2.0 |