CVE-2015-2722 | Vulnerability Database | Aqua Security

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

Affected Software

Name	Vendor	Start Version	End Version
Solaris	Oracle	11.3 (including)	11.3 (including)
Red Hat Enterprise Linux 5	RedHat	firefox-0:38.1.0-1.el5_11	*
Red Hat Enterprise Linux 6	RedHat	firefox-0:38.1.0-1.el6_6	*
Red Hat Enterprise Linux 7	RedHat	firefox-0:38.1.0-1.ael7b_1	*
Firefox	Ubuntu	devel	*
Firefox	Ubuntu	precise	*
Firefox	Ubuntu	trusty	*
Firefox	Ubuntu	upstream	*
Firefox	Ubuntu	utopic	*
Firefox	Ubuntu	vivid	*

References

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://rhn.redhat.com/errata/RHSA-2015-1207.html
http://www.mozilla.org/security/announce/2015/mfsa2015-65.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.securityfocus.com/bid/75541
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
https://bugzilla.mozilla.org/show_bug.cgi?id=1166924
https://security.gentoo.org/glsa/201512-10

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-2722
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html