CVE Vulnerabilities

CVE-2015-7212

Published: Dec 16, 2015 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
5.1 MODERATE
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.

Affected Software

Name Vendor Start Version End Version
Fedora Fedoraproject 22 (including) 22 (including)
Fedora Fedoraproject 23 (including) 23 (including)
Red Hat Enterprise Linux 5 RedHat firefox-0:38.5.0-2.el5_11 *
Red Hat Enterprise Linux 5 RedHat thunderbird-0:38.5.0-1.el5_11 *
Red Hat Enterprise Linux 6 RedHat firefox-0:38.5.0-2.el6_7 *
Red Hat Enterprise Linux 6 RedHat thunderbird-0:38.5.0-1.el6_7 *
Red Hat Enterprise Linux 7 RedHat firefox-0:38.5.0-3.el7_2 *
Red Hat Enterprise Linux 7 RedHat thunderbird-0:38.5.0-1.el7_2 *
Firefox Ubuntu devel *
Firefox Ubuntu precise *
Firefox Ubuntu trusty *
Firefox Ubuntu upstream *
Firefox Ubuntu vivid *
Firefox Ubuntu wily *
Thunderbird Ubuntu devel *
Thunderbird Ubuntu precise *
Thunderbird Ubuntu trusty *
Thunderbird Ubuntu upstream *
Thunderbird Ubuntu vivid *
Thunderbird Ubuntu wily *

References