Vulnerability in Mozilla Firefox
CVE-2015-4488
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue…
EPSS: 0.016 (82.1th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox — versions 38.0, 38.0.1, 38.0.5
- Mozilla Firefox_os — versions 2.1.0
- Oracle Solaris — versions 11.3
- Canonical Ubuntu_linux — versions 12.04, 14.04, 15.04
- Opensuse — versions 13.1, 13.2
- N/a — versions n/a
References
- DSA-3410 (vendor-advisory, x_refsource_DEBIAN)
- SUSE-SU-2015:2081 (vendor-advisory, x_refsource_SUSE)
- USN-2712-1 (x_refsource_UBUNTU, vendor-advisory)
- openSUSE-SU-2015:1454 (vendor-advisory, x_refsource_SUSE)
- USN-2702-3 (x_refsource_UBUNTU, vendor-advisory)
- RHSA-2015:1682 (x_refsource_REDHAT, vendor-advisory)
- openSUSE-SU-2015:1389 (vendor-advisory, Third Party Advisory, x_refsource_SUSE)
- openSUSE-SU-2015:1453 (vendor-advisory, x_refsource_SUSE)
- security@mozilla.org (x_refsource_CONFIRM, Issue Tracking)
- RHSA-2015:1586 (x_refsource_REDHAT, vendor-advisory)