CVE-2015-0805

The CVE-2015-0805 issue affects Mozilla Firefox’s Off Main Thread Compositing (OMTC). The root cause is an incorrect memset call in the interaction with mozilla::layers::BufferTextureClient::AllocateForSurface, enabling remote attackers to trigger memory corruption via rendering of 2D graphics co...

CVE-2015-0805

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service...

Memory corruption crashes in Off Main Thread Compositing — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover two memory corruption crashes during 2D graphics rendering due to problems in Off Main Thread Compositing. These crashes are potentially exploitable...

KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...

UBUNTU-CVE-2015-1221

Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, relate...

Adobe Flash Player Double Free (APSB14-24: CVE-2014-0574)

A double free vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error caused by an attempt of the worker thread and the main thread to clear a shared ByteArray simultaneously. This vulnerability could lead to a crash of the player...