1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
PublicDateAtUSN: 2015-09-22
Candidate: CVE-2015-7175
PublicDate: 2015-09-24
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175
https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
http://www.ubuntu.com/usn/usn-2743-1
http://www.ubuntu.com/usn/usn-2754-1
Description:
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and
Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial
of service (memory corruption and application crash) or possibly have
unspecified other impact via unknown vectors, related to an "overflow."
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
Patches_firefox:
upstream_firefox: released (41.0)
precise_firefox: released (41.0+build3-0ubuntu0.12.04.1)
trusty_firefox: released (41.0+build3-0ubuntu0.14.04.1)
vivid_firefox: released (41.0+build3-0ubuntu0.15.04.1)
devel_firefox: released (41.0+build3-0ubuntu1)
Patches_thunderbird:
Priority_thunderbird: low
upstream_thunderbird: released (38.3.0)
precise_thunderbird: released (1:38.3.0+build1-0ubuntu0.12.04.1)
trusty_thunderbird: released (1:38.3.0+build1-0ubuntu0.14.04.1)
vivid_thunderbird: released (1:38.3.0+build1-0ubuntu0.15.04.1)
devel_thunderbird: released (1:38.3.0+build1-0ubuntu2)
|