Buffer Over-read and Heap-based Buffer Overflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Buffer Over-read and Heap-based Buffer Overflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2012-1953 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.

Learn more about our Web App Pen Testing.