Crash when using debugger with SavedStacks in JavaScript — Mozilla

2015-09-2200:00:00

Mozilla Foundation

www.mozilla.org

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.017

Percentile

87.8%

JSON

Security researcher Spandan Veggalam reported a crash while using the debugger API with SavedStacks in JavaScript. This crash can only occurs when the debugger is in use but may be potentially exploitable.

Affected configurations

Vulners

Node

mozillafirefoxRange<41

mozillafirefox_osRange<2.5

mozillaseamonkeyRange<2.38

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox_os*cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox_os	*	cpe:2.3:o:mozilla:firefox_os::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::