Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和SeaMonkey 资源管理错误漏洞
Vulnerability Description
Mozilla Firefox和SeaMonkey都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。 Mozilla Firefox 28.0及之前的版本和SeaMonkey 2.26:rc1及之前的版本中的‘mozilla::dom::TextTrack::AddCue’函数存在安全漏洞,该漏洞源于程序没有正确的对Text Track Manager变量执行垃圾信息搜集。远程攻击者可借助HTML文件中特制的VIDEO元素
CVSS Information
N/A
Vulnerability Type
N/A