CVE-2015-4488

CVSS v2.0 7.5 (High)

EPSS 2.25 % (90^th)

Affected Products 6

Advisories 14

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.

Weaknesses

CWE-NVD-Other

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2015-08-16 01:59:16
(9 years ago)
Updated Date: 2018-10-30 16:27:35
(5 years ago)

Affected Products

Canonical

Ubuntu Linux

Mozilla

Opensuse

Opensuse

Oracle

Solaris

Configuration #1

		CPE23	From	Up To
	Oracle Solaris 11.3	cpe:2.3:o:oracle:solaris:11.3

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:lts
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 15.04	cpe:2.3:o:canonical:ubuntu_linux:15.04
	Opensuse 13.1	cpe:2.3:o:opensuse:opensuse:13.1
	Opensuse 13.2	cpe:2.3:o:opensuse:opensuse:13.2

Configuration #3

	CPE23	Up To
Mozilla Firefox 39.0.3 and prior versions	cpe:2.3:a:mozilla:firefox	<= 39.0.3
Mozilla Firefox Esr 38.0	cpe:2.3:a:mozilla:firefox_esr:38.0
Mozilla Firefox Esr 38.0.1	cpe:2.3:a:mozilla:firefox_esr:38.0.1
Mozilla Firefox Esr 38.0.5	cpe:2.3:a:mozilla:firefox_esr:38.0.5
Mozilla Firefox Esr 38.1.0	cpe:2.3:a:mozilla:firefox_esr:38.1.0
Mozilla Firefox Os 2.1.0	cpe:2.3:o:mozilla:firefox_os:2.1.0