Mozilla Products: Access violation with XSLT and uninitialized data - mfsa2013-95ID: oval:org.secpod.oval:def:16293 | Date: (C)2013-12-30 (M)2023-12-07 |
Class: PATCH | Family: macos |
Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Product: |
Mozilla Firefox |
Mozilla Thunderbird ESR |
Mozilla SeaMonkey |
Mozilla Thunderbird |
Mozilla Firefox ESR |