Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla多个产品 'JavaScript引擎' 拒绝服务和任意代码执行漏洞
Vulnerability Description
Firefox是Mozilla推出的浏览器软件。 Firefox、Thunderbird和SeaMonkey的JavaScript引擎存在拒绝服务攻击和任意代码执行漏洞。远程攻击者可以通过多种方式导致拒绝服务和执行任意代码: (1) 包含"某些未设置元素"数组的结合可能导致程序jsarray.cpp不正确的参数给函数ResizeSlots,这将触发内存破坏; (2) 与js_DecompileValueGenerator,jsopcode.cpp, __defineSetter__,和watch相关的向量
CVSS Information
N/A
Vulnerability Type
N/A