CVE-2015-0831

Опубликовано: 25 фев. 2015

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Уязвимость типа "использование после освобождения" (use-after-free) в функции mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex, позволяющая удаленно выполнять произвольный код или вызвать DoS атаку

Описание

Уязвимость типа "использование после освобождения" (use-after-free) обнаружена в функции mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex в Mozilla Firefox и Thunderbird. Данная уязвимость позволяет удалённым злоумышленникам выполнять произвольный код или вызвать DoS атаку через повреждение кучи. Это происходит из-за некорректной обработки специально созданного содержимого во время создания индекса IndexedDB.

Затронутые версии ПО

Mozilla Firefox до версии 36.0
Mozilla Firefox ESR 31.x до версии 31.5
Mozilla Thunderbird до версии 31.5

Тип уязвимости

Удалённое выполнение кода
DoS атака через повреждение памяти

Ссылки

CWE-416: Use After Free

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0265.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0266.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0642.html
Third Party Advisory
http://www.debian.org/security/2015/dsa-3174
Third Party Advisory
http://www.debian.org/security/2015/dsa-3179
Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-16.html
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Third Party Advisory
http://www.securityfocus.com/bid/72746
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031791
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031792
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2505-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2506-1
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Версия до 31.4 (включая)

cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:31.1.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:31.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:31.3:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Версия до 35.0.1 (включая)

cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.26:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.27:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.28:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:13.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:14.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:14.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:15.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:15.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:22.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:23.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:23.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:25.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:25.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:26.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:27.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:27.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:28.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:29.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:29.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:32.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:33.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01704

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2015-0831

ubuntu

больше 10 лет назад

Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.