CVE-2015-2731
CVSS v2.0
10 (High)
EPSS
4.36 % (93th)
Affected Products
4
Advisories
9
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2015-07-06 02:01:02
(9 years ago) - Updated Date
-
2016-12-28 02:59:08
(7 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...