CVE-2015-2731

2015-07-0602:01:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2015-2731

use-after-free vulnerability

cspservice::shouldload

mozilla firefox

remote code execution

content policy

4.9 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.3%

JSON

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle38.1.0
mozilla:thunderbirdmozilla thunderbirdle38.0.1
oracle:solarisoracle solariseq11.3
mozilla:firefox_esrmozilla firefox esreq38.0
mozilla:firefox_esrmozilla firefox esreq31.1
mozilla:firefox_esrmozilla firefox esreq31.3.0
mozilla:firefox_esrmozilla firefox esreq31.1.1
mozilla:firefox_esrmozilla firefox esreq31.7.0
mozilla:firefox_esrmozilla firefox esreq31.5
mozilla:firefox_esrmozilla firefox esreq31.6.0

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	38.1.0
mozilla:thunderbird	mozilla thunderbird	le	38.0.1
oracle:solaris	oracle solaris	eq	11.3
mozilla:firefox_esr	mozilla firefox esr	eq	38.0
mozilla:firefox_esr	mozilla firefox esr	eq	31.1
mozilla:firefox_esr	mozilla firefox esr	eq	31.3.0
mozilla:firefox_esr	mozilla firefox esr	eq	31.1.1
mozilla:firefox_esr	mozilla firefox esr	eq	31.7.0
mozilla:firefox_esr	mozilla firefox esr	eq	31.5
mozilla:firefox_esr	mozilla firefox esr	eq	31.6.0