Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 and SeaMonkey before 2.0.11ID: oval:org.secpod.oval:def:27 | Date: (C)2011-01-30 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
The host is installed with Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 or SeaMonkey before 2.0.11 and is prone to integer overflow vulnerability. A flaw is present in the NewIdArray function, which allows construction of an array containing a very large number of items causing an overflow of integer value that stores the buffer size. Successful exploitation could let remote attackers to execute arbitrary code by subsequent use of the array object that results in data being written past the end of the buffer causing memory corruption.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Mozilla Firefox |
Mozilla SeaMonkey |