Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS prior to 2.2 might allow malicious users to cause a denial of service (memory corruption) via a negative value of a size parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox os |