Versions of Mozilla Firefox ESR earlier than 52.8.1 are unpatched for an overflow condition exists in the βSkScan::FillPath()β function in βcore/SkScan_Path.cppβ that is triggered as certain input is not properly validated when drawing paths with anti-aliasing turned off. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service in a process linked against the library or potentially allowing the execution of arbitrary code.
Binary data 700338.prm
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox_esr | cpe:/a:mozilla:firefox_esr |