Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
Max CVSS
9.3
EPSS Score
7.47%
Published
2009-12-17
Updated
2017-09-19
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
32.23%
Published
2009-10-29
Updated
2018-10-30
2 vulnerabilities found