Mozilla SeaMonkey CVE-2014-1594 Input Validation Bypass Vulnerability
Description
Security researchers Byoungyoung Lee, Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security Center (GTISC) reported a bad casting from the BasicThebesLayer to BasicContainerLayer, resulting in undefined behavior. This behavior is potentially exploitable with some compilers but no clear mechanism to trigger it through web content was identified.
Affected Applications
SeaMonkey