|
|
Log in / Subscribe / Register

mozilla: code execution

Package(s):firefox, thunderbird, seamonkey CVE #(s):CVE-2015-0828
Created:March 2, 2015 Updated:March 4, 2015
Description: From the CVE entry:

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.

Alerts:
Gentoo 201701-15 firefox 2017-01-03
Gentoo 201504-01 firefox 2015-04-07
Mageia MGASA-2015-0126 iceape 2015-04-03
openSUSE openSUSE-SU-2015:0570-1 seamonkey 2015-03-23
openSUSE openSUSE-SU-2015:0404-1 firefox, nss 2015-03-01
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds