Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a mechanism where inserting an ordered list into a document through script could lead to a potentially exploitable crash that can be triggered by web content.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 26 | |
firefox esr | lt | 24.2 | |
seamonkey | lt | 2.23 | |
thunderbird | lt | 24.2 |