23 matches found
Astra Linux – Vulnerability in Firefox, Thunderbird
An attacker could cause the memory manager to improperly free a pointer that points to attacker-controlled memory, resulting in an assertion error, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...
CVE-2023-29536
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...
DEBIAN-CVE-2023-29536
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...
CVE-2023-29536
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
Mozilla: Invalid free from JavaScript code
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
SUSE CVE-2023-29536
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...
Design/Logic Flaw
An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk...
Mozilla Firefox Thunderbird SeaMonkey nsSVGValue Memory Corruption (CVE-2011-3658)
A memory corruption vulnerability exists in Firefox 7.0 and 8.0, Thunderbird 8.0 and SeaMonkey 2.5. The vulnerability is due to unchecked iteration that could cause an out of bounds access to attacker controlled memory. A sucesseful exploitation could lead to malicious code running in the context...
Buffer overflow in JavaScript atom map — Mozilla
Security researcher Christian Holler reported that the JavaScript engine's internal mapping of string values contained an error in cases where the number of values being stored was above 64K. In such cases an offset pointer was manually moved forwards and backwards to access the larger address...
Dangling pointer vulnerability in LookupGetterOrSetter — Mozilla
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that when window.lookupGetter is called with no arguments the code assumes the top JavaScript stack value is a property name. Since there were no arguments passed into the function, the top value could represent...