3 matches found
The vulnerability of the Firefox browser, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.
The vulnerability of Firefox’s Firefox browser lies in the function HTMLSourceElement::AfterSetAttr. It involves insufficient restrictions on the original data type of the calculated value when setting attributes for the SOURCE element. Exploiting this vulnerability allows a malicious actor to...
Mozilla Firefox 'HTMLSourceElement::AfterSetAttr' function arbitrary code execution vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the 'HTMLSourceElement::AfterSetAttr' function in Mozilla Firefox 36.0.4 and earlier versions, which stems from a failure to properly restrict the original da...
CVE-2015-0803
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free...