The nsTextFrame::ClearTextRun function in layout/generic...
High severity
Unreviewed
Published
May 2, 2022
to the GitHub Advisory Database
•
Updated Jan 31, 2023
Description
Published by the National Vulnerability Database
Apr 30, 2009
Published to the GitHub Advisory Database
May 2, 2022
Last updated
Jan 31, 2023
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
References