Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox gfxTextRun::SanitizeGlyphRuns()函数内存破坏漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox浏览器引擎的gfxTextRun::SanitizeGlyphRuns()等函数在处理超长输入参数时存在内存破坏漏洞,用户受骗访问了恶意网页就会导致浏览器崩溃或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A