CVE-2015-2706

2015-04-27T11:59:00
ID CVE-2015-2706
Type cve
Reporter cve@mitre.org
Modified 2016-12-07T18:10:00

Description

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.