[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116564

 
 

909

 
 

91325

 
 

141

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2015-4488Date: (C)2015-08-18   (M)2018-11-11


Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1033247
SECTRACK-1033372
DSA-3333
DSA-3410
GLSA-201605-06
RHSA-2015:1586
RHSA-2015:1682
SUSE-SU-2015:1449
SUSE-SU-2015:1528
SUSE-SU-2015:2081
USN-2702-1
USN-2702-2
USN-2702-3
USN-2712-1
http://www.mozilla.org/security/announce/2015/mfsa2015-90.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1176270
openSUSE-SU-2015:1389
openSUSE-SU-2015:1390
openSUSE-SU-2015:1453
openSUSE-SU-2015:1454

CPE    9
cpe:/a:mozilla:firefox_esr:38.0
cpe:/a:mozilla:firefox_esr:38.0.1
cpe:/a:mozilla:firefox_esr:38.1.0
cpe:/a:mozilla:firefox_esr:38.0.5
...
OVAL    23
oval:org.secpod.oval:def:702722
oval:org.secpod.oval:def:702711
oval:org.secpod.oval:def:702714
oval:org.secpod.oval:def:203689
...

© SecPod Technologies