HTTP: Mozilla Firefox CopyTexImage2D Integer Overflow.

This signature detects attempts to exploit a known vulnerability in the Mozilla Firefox Web Browser. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.

Affected Products

Mozilla thunderbird_esr

References

CVE: CVE-2012-5838

Short Name
HTTP:STC:CPTEXIMG2D-IO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2012-5838 CopyTexImage2D Firefox Integer Mozilla Overflow.
Release Date
08/19/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3751
False Positive
Unknown
Vendors

Opensuse

Mozilla

Suse

Canonical

CVSS Score

9.3

Found a potential security threat?