Firefox vulnerabilities

2015-08-27T00:00:00
ID USN-2723-1
Type ubuntu
Reporter Ubuntu
Modified 2015-08-27T00:00:00

Description

A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4497)

Bas Venis discovered that the addon install permission prompt could be bypassed using data: URLs in some circumstances. It was also discovered that the installation notification could be made to appear over another site. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to install a malicious addon. (CVE-2015-4498)