Vulnerabilities

CVE-2015-2731

by Fred · 05/07/2015

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.

Date published : 2015-07-05

http://www.securityfocus.com/bid/75541

http://www.mozilla.org/security/announce/2015/mfsa2015-63.html

Similar

Tags: Cybersecurity Alert