CVE-2013-0767

CVE-2013-0767 affects Mozilla Firefox (and related Mozilla components) with the nsSVGPathElement::GetPathLengthScale path handling. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via an out-of-bounds read, reported for Firefox before 18.0, ESR 10....

Mozilla Firefox nsSVGPathElement::GetPathLengthScale越界读取漏洞

BUGTRAQ ID: 57195 CVECAN ID: CVE-2013-0767 Firefox是一款非常流行的开源WEB浏览器。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。Thunderbird是一个邮件客户端，支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Firefox 18, ESR 17.0.1, ESR 10.0.12的nsSVGPathElement::GetPathLengthScale内存在越界读取漏洞，可导致远程代码执行。 0 Mozilla Firefox 18.0 Mozilla Firef...

Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary...