js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript...
High severity
Unreviewed
Published
May 2, 2022
to the GitHub Advisory Database
•
Updated Apr 9, 2025
Description
Published by the National Vulnerability Database
Jul 15, 2009
Published to the GitHub Advisory Database
May 2, 2022
Last updated
Apr 9, 2025
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
References