CVE-2015-2731
Mozilla: Use-after-free in Content Policy due to microtask execution error (MFSA 2015-63)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
Vulnerabilidad de uso después de liberación en la función CSPService::ShouldLoad en la implementación microtask en Mozilla Firefox anterior a 39.0, Firefox ESR 38.x anterior a 38.1, y Thunderbird anterior a 38.1 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento de JavaScript del lado del cliente que provoca la eliminación de un objeto DOM sobre la base de una política de contenidos.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-03-25 CVE Reserved
- 2015-07-03 CVE Published
- 2024-03-12 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (16)
URL | Tag | Source |
---|---|---|
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | Third Party Advisory | |
http://www.securityfocus.com/bid/75541 | Vdb Entry | |
http://www.securitytracker.com/id/1032783 | Vdb Entry | |
http://www.securitytracker.com/id/1032784 | Vdb Entry | |
https://bugzilla.mozilla.org/show_bug.cgi?id=1149891 | Issue Tracking |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html | 2016-12-28 | |
http://rhn.redhat.com/errata/RHSA-2015-1207.html | 2016-12-28 | |
http://rhn.redhat.com/errata/RHSA-2015-1455.html | 2016-12-28 | |
http://www.debian.org/security/2015/dsa-3300 | 2016-12-28 | |
http://www.mozilla.org/security/announce/2015/mfsa2015-63.html | 2016-12-28 | |
http://www.ubuntu.com/usn/USN-2656-1 | 2016-12-28 | |
http://www.ubuntu.com/usn/USN-2656-2 | 2016-12-28 | |
https://security.gentoo.org/glsa/201512-10 | 2016-12-28 | |
https://access.redhat.com/security/cve/CVE-2015-2731 | 2015-07-20 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1236953 | 2015-07-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 38.1.0 Search vendor "Mozilla" for product "Firefox" and version " <= 38.1.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 38.0.1 Search vendor "Mozilla" for product "Thunderbird" and version " <= 38.0.1" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 11.3 Search vendor "Oracle" for product "Solaris" and version "11.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.0 Search vendor "Mozilla" for product "Firefox Esr" and version "31.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.1 Search vendor "Mozilla" for product "Firefox Esr" and version "31.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.1.0 Search vendor "Mozilla" for product "Firefox Esr" and version "31.1.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.1.1 Search vendor "Mozilla" for product "Firefox Esr" and version "31.1.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.2 Search vendor "Mozilla" for product "Firefox Esr" and version "31.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.3 Search vendor "Mozilla" for product "Firefox Esr" and version "31.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.3.0 Search vendor "Mozilla" for product "Firefox Esr" and version "31.3.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.4 Search vendor "Mozilla" for product "Firefox Esr" and version "31.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.5 Search vendor "Mozilla" for product "Firefox Esr" and version "31.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.5.1 Search vendor "Mozilla" for product "Firefox Esr" and version "31.5.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.5.2 Search vendor "Mozilla" for product "Firefox Esr" and version "31.5.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.5.3 Search vendor "Mozilla" for product "Firefox Esr" and version "31.5.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.6.0 Search vendor "Mozilla" for product "Firefox Esr" and version "31.6.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 31.7.0 Search vendor "Mozilla" for product "Firefox Esr" and version "31.7.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 38.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.0" | - |
Affected
|