Description
Integer overflow in the JavaScript implementation in Mozilla Firefox before
18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird
before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2,
and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code
via a crafted string concatenation, leading to improper memory allocation
and a heap-based buffer overflow.
Package
Priority: Low
Upstream: | released
(17.0.2)
|
Updated: 2019-12-05 21:02:31 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)