Endpoint Vulnerability

Improperly initialized memory and overflows in some JavaScript functions

Description

Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilities, these flaws could be potentially exploitable.

Affected Products

Thunderbird

References

CVE-2013-5595,