Lucene search

K
mozillaMozilla FoundationMFSA2012-31
HistoryApr 24, 2012 - 12:00 a.m.

Off-by-one error in OpenType Sanitizer — Mozilla

2012-04-2400:00:00
Mozilla Foundation
www.mozilla.org
50

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.028

Percentile

90.8%

Mateusz Jurczyk of the Google Security Team discovered an off-by-one error in the OpenType Sanitizer using the Address Sanitizer tool. This can lead to an out-of-bounds read and execution of an uninitialized function pointer during parsing and possible remote code execution.

Affected configurations

Vulners
Node
mozillafirefoxRange<12
OR
mozillafirefox_esrRange<10.0.4
OR
mozillaseamonkeyRange<2.9
OR
mozillathunderbirdRange<12
OR
mozillathunderbird_esrRange<10.0.4

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.028

Percentile

90.8%