SUSE CVE-2011-0058

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a long string that triggers construction of a long text run...

SUSE CVE-2015-0826

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

Mozilla: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString (MFSA 2016-85, MFSA 2016-86)

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to cause a denial of service boolean out-of-bounds write or possibly have unspecified other impact v...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3141)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.13, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

CVE-2012-3962

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document...

Mozilla: Multiple Use-after-free issues (MFSA 2012-58)

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of...

Mozilla: Multiple Use-after-free issues (MFSA 2012-58)

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document...

Mozilla Foundation Security Advisory 2011-07

Mozilla Foundation Security Advisory 2011-07 Title: Memory corruption during text run construction Windows Impact: Critical Announced: March 1, 2011 Reporter: Alex Miller Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.14 Firefox 3.5.17 SeaMonkey 2.0.12 Description Alex Miller reported that wh...

CVE-2011-0058

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a long string that triggers construction of a long text run...

Mozilla memory corruption during text run construction (MFSA 2011-07)

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a long string that triggers construction of a long text run...

CVE-2011-0058

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a long string that triggers construction of a long text run...

Memory corruption during text run construction (Windows) — Mozilla

Alex Miller reported that when very long strings were constructed and inserted into an HTML document, the browser would incorrectly construct the layout objects used to display the text. Under such conditions an incorrect length would be calculated for a text run resulting in too small of a memor...

Immunity Canvas: FIREFOX_APPENDCHILD

Name| firefoxappendchild ---|--- CVE| CVE-2010-3765 Exploit Pack| CANVAS Description| firefoxappendchild Notes| CVE Name: CVE-2010-3765 VENDOR: Mozilla Notes: Interleaving document.write and appendChild can lead to duplicate text frames and overrunning of text run buffers. This exploit can only b...

Heap overflow

Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run...

CVE-2010-3166

Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run...

CVE-2010-1986

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service memory consumption and application crash via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related ...

Firefox browser engine crashes

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1...