Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
22 Oct 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:* |
21 Oct 2024, 13:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:* |
21 Oct 2024, 13:11
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:* |
12 Sep 2023, 14:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:* |
Information
Published : 2015-05-14 10:59
Updated : 2024-10-22 13:54
NVD link : CVE-2015-2713
Mitre link : CVE-2015-2713
CVE.ORG link : CVE-2015-2713
JSON object : View
Products Affected
opensuse
- opensuse
novell
- suse_linux_enterprise_software_development_kit
- suse_linux_enterprise_server
- suse_linux_enterprise_desktop
mozilla
- firefox_esr
- firefox
- thunderbird
CWE