CVE-2015-4497

Firefox < 40.0.3 and ESR 38.x < 38.2.1 - Use-After-Free in CanvasRenderingContext2D

Title source: llm
STIX 2.1

Description

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.

References (13)

Core 13
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3345
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2723-1
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-406
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1175278
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-09/msg00000.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/76502
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1693.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1164766
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033397

Scores

EPSS 0.0304
EPSS Percentile 86.9%

Details

Status published
Products (6)
mozilla/firefox 38.0
mozilla/firefox 38.0.1
mozilla/firefox 38.0.5
mozilla/firefox 38.1.0
mozilla/firefox 38.2.0
mozilla/firefox 40.0.2
Published Aug 29, 2015
Tracked Since Feb 18, 2026