10
HIGH

CVE-2015-2722

Published: 06/07/2015 Updated: 28/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

Vulnerability Summary

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox prior to 39.0 and Firefox ESR 31.x prior to 31.8 and 38.x prior to 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Affected Products

Vendor Product Versions
MozillaFirefox38.1.0
MozillaFirefox Esr31.0, 31.1, 31.1.0, 31.1.1, 31.2, 31.3, 31.3.0, 31.4, 31.5, 31.5.1, 31.5.2, 31.5.3, 31.6.0, 31.7.0, 38.0
NovellSuse Linux Enterprise Desktop12.0
NovellSuse Linux Enterprise Server11, 12.0
NovellSuse Linux Enterprise Software Development Kit12.0
OracleSolaris11.3

Vendor Advisories

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 390 and Firefox ESR 31x before 318 and 38x before 381 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker ...
Use-after-free in workers while using XMLHttpRequest Announced July 2, 2015 Reporter Looben Yang Impact Critical Products Firefox, Firefox ESR, Firefox OS, SeaMonkey Fixed in ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Oracle Solaris Third Party Bulletin - April 2016 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Upda ...
<!-- content goes here --> Oracle Solaris Third Party Bulletin - October 2015 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day wh ...

References