Loop with Unreachable Exit Condition (Infinite Loop)

The x/text package for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an...

Mozilla Firefox and Firefox ESR 'nsCaseTransformTextRunFactory::TransformString' function heap buffer overflow vulnerability

Mozilla Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A heap buffer overflow vulnerability exists in the Mozilla Firefox and Firefox ESR 'nsCaseTransformTextRunFactory::TransformString' function, which allows remote attackers to build a malicious WE...

Mozilla: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString (MFSA 2016-85, MFSA 2016-86)

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to cause a denial of service boolean out-of-bounds write or possibly have unspecified other impact v...