Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
22 Oct 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:* |
21 Oct 2024, 13:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:* |
21 Oct 2024, 13:11
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:* |
Information
Published : 2015-05-14 10:59
Updated : 2024-10-22 13:54
NVD link : CVE-2015-2710
Mitre link : CVE-2015-2710
CVE.ORG link : CVE-2015-2710
JSON object : View
Products Affected
novell
- suse_linux_enterprise_software_development_kit
- suse_linux_enterprise_server
- suse_linux_enterprise_desktop
mozilla
- firefox_esr
- thunderbird
- firefox
opensuse
- opensuse
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer