Package firefox updated to version 37.0.2-alt1 for branch sisyphus in task 143697.

Published: 2015-04-20

BDU:2015-10028

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.8)

References:

CVE-2015-2706
Security Tracker ID:1032171

Published: 2015-04-27
Modified: 2024-11-21

CVE-2015-2706

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.

Severity: MEDIUM (6.8)

References:

openSUSE-SU-2015:0761
openSUSE-SU-2015:0761
openSUSE-SU-2015:0763
openSUSE-SU-2015:0763
http://www.mozilla.org/security/announce/2015/mfsa2015-45.html
http://www.mozilla.org/security/announce/2015/mfsa2015-45.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
74247
74247
1032171
1032171
USN-2571-1
USN-2571-1
https://bugzilla.mozilla.org/show_bug.cgi?id=1141081
https://bugzilla.mozilla.org/show_bug.cgi?id=1141081
GLSA-201512-10
GLSA-201512-10

Version: 2.1.0

Package firefox update in sisyphus on 2015-04-26

ALT-PU-2015-1406-1

Closed vulnerabilities

BDU:2015-10028

CVE-2015-2706