CVE Vulnerabilities

CVE-2015-7218

Published: Dec 16, 2015 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.

Affected Software

Name Vendor Start Version End Version
Leap Opensuse 42.1 42.1
Opensuse Opensuse 13.1 13.1
Opensuse Opensuse 13.2 13.2
Firefox Ubuntu devel *
Firefox Ubuntu precise *
Firefox Ubuntu trusty *
Firefox Ubuntu upstream *
Firefox Ubuntu vivid *
Firefox Ubuntu wily *

References