7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.6 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.6%
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
CPE | Name | Operator | Version |
---|---|---|---|
oracle:solaris | oracle solaris | eq | 11.3 |
lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
rhn.redhat.com/errata/RHSA-2015-1586.html
rhn.redhat.com/errata/RHSA-2015-1682.html
www.debian.org/security/2015/dsa-3333
www.debian.org/security/2015/dsa-3410
www.mozilla.org/security/announce/2015/mfsa2015-90.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securitytracker.com/id/1033247
www.securitytracker.com/id/1033372
www.ubuntu.com/usn/USN-2702-1
www.ubuntu.com/usn/USN-2702-2
www.ubuntu.com/usn/USN-2702-3
www.ubuntu.com/usn/USN-2712-1
bugzilla.mozilla.org/show_bug.cgi?id=1176270
security.gentoo.org/glsa/201605-06