The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Leap | Opensuse | 42.1 (including) | 42.1 (including) |
Opensuse | Opensuse | 13.1 (including) | 13.1 (including) |
Opensuse | Opensuse | 13.2 (including) | 13.2 (including) |
Firefox | Ubuntu | devel | * |
Firefox | Ubuntu | precise | * |
Firefox | Ubuntu | trusty | * |
Firefox | Ubuntu | upstream | * |
Firefox | Ubuntu | vivid | * |
Firefox | Ubuntu | wily | * |