[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110507

 
 

909

 
 

86504

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: NativeKey continues handling key messages after widget is destroyed - mfsa2013-80

ID: oval:org.secpod.oval:def:16375Date: (C)2013-12-30   (M)2018-02-19
Class: PATCHFamily: macos




Mozilla developer Masayuki Nakano discovered that the NativeKey widget continues handling key messages even when it is destroyed by dispatched event listeners. This could result in some key events being applied to other objects or plugins if the widget memory is reallocated to them, leading to a non-exploitable crash.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X Server 10.12
Product:
Mozilla Firefox
Mozilla SeaMonkey
Mozilla Thunderbird
Reference:
MFSA 2013-80
CVE-2013-1723
CVE    1
CVE-2013-1723
CPE    122
cpe:/a:mozilla:thunderbird:17.0.9
cpe:/a:mozilla:thunderbird:17.0.8
cpe:/a:mozilla:thunderbird:17.0.7
cpe:/a:mozilla:thunderbird:17.0.6
...

© SecPod Technologies