Description
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.
References (10)
Core 10
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201504-01
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1098497
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72754
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031791
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2015/mfsa2015-23.html
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2505-1
Issue Tracking, Patch x_refsource_confirm
https://github.com/khaledhosny/ots/commit/003c62d28ae438aa8943cb31535563397f838a2c
Scores
EPSS
0.0144
EPSS Percentile
81.0%
Details
Status
published
Products (46)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
14.10
mozilla/firefox
0.1
mozilla/firefox
0.2
mozilla/firefox
0.3
mozilla/firefox
0.4
mozilla/firefox
0.5
mozilla/firefox
0.6
mozilla/firefox
0.6.1
... and 36 more
Published
Feb 25, 2015
Tracked Since
Feb 18, 2026