CVE-2015-7219

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 43.0

Description The issue is related to the HTTP/2 implementation, which allows remote attackers to cause a denial of service due to an integer underflow, assertion failure, and application exit. This can be triggered by a malformed PushPromise frame that causes decompressed-buffer length miscalculation and incorrect memory allocation.

Recommendations For versions prior to 43.0, update to version 43.0 or later to resolve the issue. As a temporary workaround, consider disabling HTTP/2 support until a patch is available. Restrict access to untrusted websites to minimize the risk of exploitation.