Lucene search

K
mozillaMozilla FoundationMFSA2011-04
HistoryMar 01, 2011 - 12:00 a.m.

Buffer overflow in JavaScript upvarMap — Mozilla

2011-03-0100:00:00
Mozilla Foundation
www.mozilla.org
12

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.199 Low

EPSS

Percentile

96.3%

Security researcher Christian Holler reported that the JavaScript engine’s internal memory mapping of non-local JS variables contained a buffer overflow which could potentially be used by an attacker to run arbitrary code on a victim’s computer.

CPENameOperatorVersion
firefoxlt3.5.17
firefoxlt3.6.14
seamonkeylt2.0.12

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.199 Low

EPSS

Percentile

96.3%