[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116370

 
 

909

 
 

90976

 
 

142

Paid content will be excluded from the download.


Download | Alert*
OVAL

Integer overflow vulnerability in Mozilla Firefox and Firefox ESR while loading JavaScript - CVE-2018-12393

ID: oval:org.secpod.oval:def:48211Date: (C)2018-10-25   (M)2018-11-17
Class: VULNERABILITYFamily: windows




Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write.

Platform:
Microsoft Windows Server 2003
Microsoft Windows 8
Microsoft Windows XP
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows 10
Product:
Mozilla Firefox
Mozilla Firefox ESR
Reference:
CVE-2018-12393
CPE    2
cpe:/a:mozilla:firefox_esr:::x86
cpe:/a:mozilla:firefox:::x86

© SecPod Technologies