Lucene search
Ubuntu.comUB:CVE-2015-0804HistoryApr 01, 2015 - 12:00 a.m.
CVE-2015-0804
2015-04-0100:00:00
ubuntu.com
ubuntu.com
6
0.038 Low
EPSS
Percentile
91.9%
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0
does not properly constrain a data type after omitting namespace validation
during certain tree-binding operations, which allows remote attackers to
execute arbitrary code or cause a denial of service (use-after-free) via a
crafted HTML document containing a SOURCE element.
Related
prion
prion
Input validation
2015-04-01 10:59:00
cvelist
cvelist
CVE-2015-0804
2015-04-01 10:00:00
cve
cve
CVE-2015-0804
2015-04-01 10:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-39) - Linux
2021-11-11 00:00:00
Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Windows
2015-04-06 00:00:00
Ubuntu: Security Advisory (USN-2550-1)
2015-04-02 00:00:00
mozilla
mozilla
Use-after-free due to type confusion flaws — Mozilla
2015-03-31 00:00:00
kaspersky
kaspersky
archlinux
archlinux
firefox: multiple issues
2015-04-01 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2550-1)
2015-04-02 00:00:00
Firefox < 37.0 Multiple Vulnerabilities
2015-04-01 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2015-04-01 00:00:00
suse
suse
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-03-31 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-04-08 00:00:00
mageia
mageia
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00