Mozilla : Security Vulnerabilities, CVEs, Published In June 2008 (Code Execution)
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
Max CVSS
9.3
EPSS Score
43.47%
Published
2008-06-19
Updated
2018-10-11
1 vulnerabilities found