|Date: (C)2008-09-24 (M)2017-11-18|| |
Integer overflow in the MathML component in Mozilla Firefox before 126.96.36.199 and 3.x before 3.0.2, Thunderbird before 188.8.131.52, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
|CVSS Score: 10.0||Access Vector: NETWORK|
|Exploit Score: 10.0||Access Complexity: LOW|
|Impact Score: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|