Lucene search

Mozilla FoundationMFSA2015-65

HistoryJul 02, 2015 - 12:00 a.m.

Use-after-free in workers while using XMLHttpRequest — Mozilla

2015-07-0200:00:00

Mozilla Foundation

www.mozilla.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.045 Low

EPSS

Percentile

92.4%

JSON

Security researcher Looben Yang used the Address Sanitizer tool to discover two related use-after-free vulnerabilities that occur when using XMLHttpRequest in concert with either shared or dedicated workers. These errors occur when the XMLHttpRequest object is attached to a worker but that object is incorrectly deleted while still in use. This results in exploitable crashes.

CPENameOperatorVersion
firefoxlt39
firefox esrlt31.8
firefox esrlt38.1
firefox oslt2.2
seamonkeylt2.35

Name	Operator	Version
firefox	lt	39
firefox esr	lt	31.8
firefox esr	lt	38.1
firefox os	lt	2.2
seamonkey	lt	2.35

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2722

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2733

bugzilla.mozilla.org/show_bug.cgi?id=1166924

bugzilla.mozilla.org/show_bug.cgi?id=1169867

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.045 Low

EPSS

Percentile

92.4%

JSON

Related for MFSA2015-65