SUSE CVE-2013-1720

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute...

Mozilla Firefox nsHtml5TreeBuilder Use-After-Free

CVE-2016-1960 / Exploit Title: Mozilla Firefox . 1 https://bugzilla.mozilla.org/showbug.cgi?id=1246014 2 https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win32/en-US/ / "use strict"; / This is executed after having pivoted the stack. esp' points to a region on the heap, and the original stack...

Mozilla Firefox < 45.0 - nsHtml5TreeBuilder Use-After-Free (EMET 5.52 Bypass) Exploit

Exploit for windows platform in category remote exploits CVE-2016-1960 / Exploit Title: Mozilla Firefox . 1 https://bugzilla.mozilla.org/showbug.cgi?id=1246014 2 https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win32/en-US/ / "use strict"; / This is executed after having pivoted the stack. esp...

Mozilla Firefox &lt; 45.0 - &#039;nsHtml5TreeBuilder&#039; Use-After-Free (EMET 5.52 Bypass)

CVE-2016-1960 / Exploit Title: Mozilla Firefox . 1 https://bugzilla.mozilla.org/showbug.cgi?id=1246014 2 https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win32/en-US/ / "use strict"; / This is executed after having pivoted the stack. esp' points to a region on the heap, and the original stack...

Mozilla Firefox 45.0 - nsHtml5TreeBuilder Use-After-Free (EMET 5.52 Bypass)

Mozilla Firefox 45.0 - nsHtml5TreeBuilder Use-After-Free EMET 5.52 Bypass CVE-2016-1960 / Exploit Title: Mozilla Firefox . 1 https://bugzilla.mozilla.org/showbug.cgi?id=1246014 2 https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win32/en-US/ / "use strict"; / This is executed after having pivot...

DEBIAN-CVE-2016-1960

Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...

CVE-2016-1960

CVE-2016-1960 is a vulnerability in Mozilla Firefox’s HTML5 parser (nsHtml5TreeBuilder) involving an integer underflow that enables a use-after-free scenario when parsing end tags in a foreign fragment context (SVG). Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; exploitation can l...

CVE-2013-1720

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute...