The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2015-04-01 03:59
Updated : 2018-10-30 09:27
NVD link : CVE-2015-0806
Mitre link : CVE-2015-0806
JSON object : View
CWE
CWE-17
DEPRECATED: Code
Products Affected
mozilla
- firefox
canonical
- ubuntu_linux
opensuse
- opensuse