Mozilla Firefox Thunderbird Multiple Memory Corruption Vulnerabilities
15 Apr. 2015
Multiple vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
The information has been provided by Christoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier.
* Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32
* Mozilla Firefox after 35.0, Firefox ESR 31.x after 31.4, Thunderbird after 31.4, and SeaMonkey after 2.32
Mozilla Firefox, SeaMonkey, and Thunderbird are prone to multiple remote memory-corruption vulnerabilities. An attacker could exploit these issues by enticing an unsuspecting user to view malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.