DescriptionThe asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceweaselsourcesqueeze(not affected)
iceweaselsourcewheezy(not affected)
iceweaselsourcejessie(not affected)


[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)

Search for package or bug name: Reporting problems