Definition
New Search
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0 Thunderbird before 24.0 and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
oval:org.mitre.oval:def:18617
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0 Thunderbird before 24.0 and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
Family:
windows
Status:
ACCEPTED
Platform(s):
- Microsoft Windows 2000
- Microsoft Windows 8
- Microsoft Windows Server 2008
- Microsoft Windows Vista
- Microsoft Windows XP
- Microsoft Windows Server 2008 R2
- Microsoft Windows 7
- Microsoft Windows Server 2003
- Microsoft Windows Server 2012
Class:
vulnerability
Reference(s):
- CVE-2013-1720
Product(s):
- Mozilla Seamonkey
- Mozilla Thunderbird
- Mozilla Firefox