Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-7196

Source

Mozilla Foundation Security Advisory 2015-130

JavaScript garbage collection crash with Java applet

Announced

November 3, 2015

Reporter

Vytautas Staraitis

Impact

High

Products

Firefox, Firefox ESR

Fixed in

Firefox 42
Firefox ESR 38.4

Description

Mozilla community member Vytautas Staraitis reported an issue with the interaction of Java applets and JavaScript. The Java plugin can deallocate a JavaScript wrapper when it is still in use, which leads to a JavaScript garbage collection crash. This crash is potentially exploitable.

This issue only affects systems where Java is installed and enabled as a browser plugin. Other systems are unaffected.

References

crashes in GC with Java applet (CVE-2015-7196)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

JavaScript garbage collection crash with Java applet

JavaScript garbage collection crash with Java applet

Description

References

Vulmon Search

About

Products

Connect