The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2015-04-01 10:59
Updated : 2024-02-04 18:35
NVD link : CVE-2015-0806
Mitre link : CVE-2015-0806
CVE.ORG link : CVE-2015-0806
JSON object : View
Products Affected
mozilla
- firefox
canonical
- ubuntu_linux
opensuse
- opensuse
CWE
CWE-17
DEPRECATED: Code