The nsScannerString::AppendUnicodeTo function in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 does not verify that memory allocation succeeds, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 38.3.0 |
||
mozilla firefox esr 38.2.1 |
||
mozilla firefox |
||
mozilla thunderbird |
||
mozilla firefox esr 38.2.0 |
||
mozilla firefox esr 38.1.1 |
||
mozilla firefox esr 38.6.1 |
||
mozilla firefox esr 38.6.0 |
||
mozilla firefox esr 38.1.0 |
||
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.5.1 |
||
mozilla firefox esr 38.5.0 |
||
mozilla firefox esr 38.4.0 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox esr 38.0 |
||
oracle linux 6 |
||
oracle linux 5.0 |
||
oracle linux 7 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |
||
suse linux enterprise 12.0 |
||
opensuse opensuse 13.1 |