CVE-2015-2731

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
http://rhn.redhat.com/errata/RHSA-2015-1207.html
http://rhn.redhat.com/errata/RHSA-2015-1455.html
http://www.debian.org/security/2015/dsa-3300
http://www.mozilla.org/security/announce/2015/mfsa2015-63.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html Third Party Advisory
http://www.securityfocus.com/bid/75541
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
https://bugzilla.mozilla.org/show_bug.cgi?id=1149891 Issue Tracking
https://security.gentoo.org/glsa/201512-10
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
http://rhn.redhat.com/errata/RHSA-2015-1207.html
http://rhn.redhat.com/errata/RHSA-2015-1455.html
http://www.debian.org/security/2015/dsa-3300
http://www.mozilla.org/security/announce/2015/mfsa2015-63.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html Third Party Advisory
http://www.securityfocus.com/bid/75541
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
https://bugzilla.mozilla.org/show_bug.cgi?id=1149891 Issue Tracking
https://security.gentoo.org/glsa/201512-10
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.7.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:27

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html - () http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html -
References () http://rhn.redhat.com/errata/RHSA-2015-1207.html - () http://rhn.redhat.com/errata/RHSA-2015-1207.html -
References () http://rhn.redhat.com/errata/RHSA-2015-1455.html - () http://rhn.redhat.com/errata/RHSA-2015-1455.html -
References () http://www.debian.org/security/2015/dsa-3300 - () http://www.debian.org/security/2015/dsa-3300 -
References () http://www.mozilla.org/security/announce/2015/mfsa2015-63.html - Vendor Advisory () http://www.mozilla.org/security/announce/2015/mfsa2015-63.html - Vendor Advisory
References () http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html - Third Party Advisory () http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html - Third Party Advisory
References () http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html - Third Party Advisory () http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html - Third Party Advisory
References () http://www.securityfocus.com/bid/75541 - () http://www.securityfocus.com/bid/75541 -
References () http://www.securitytracker.com/id/1032783 - () http://www.securitytracker.com/id/1032783 -
References () http://www.securitytracker.com/id/1032784 - () http://www.securitytracker.com/id/1032784 -
References () http://www.ubuntu.com/usn/USN-2656-1 - () http://www.ubuntu.com/usn/USN-2656-1 -
References () http://www.ubuntu.com/usn/USN-2656-2 - () http://www.ubuntu.com/usn/USN-2656-2 -
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1149891 - Issue Tracking () https://bugzilla.mozilla.org/show_bug.cgi?id=1149891 - Issue Tracking
References () https://security.gentoo.org/glsa/201512-10 - () https://security.gentoo.org/glsa/201512-10 -

22 Oct 2024, 13:54

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*

22 Oct 2024, 13:42

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*

21 Oct 2024, 13:55

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*

21 Oct 2024, 13:11

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*

Information

Published : 2015-07-06 02:01

Updated : 2024-11-21 02:27


NVD link : CVE-2015-2731

Mitre link : CVE-2015-2731

CVE.ORG link : CVE-2015-2731


JSON object : View

Products Affected

oracle

  • solaris

mozilla

  • firefox
  • thunderbird
  • firefox_esr