CVE-2015-0828

2015-02-25T11:59:00
ID CVE-2015-0828
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data. <a href="http://cwe.mitre.org/data/definitions/415.html">CWE-415: Double Free</a>