PT-2015-5860 · Mozilla+5 · Firefox+6

Holger Fuhrmannek

Publicado

2015-07-02

Atualizado

2024-12-12

CVE-2015-2729

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 39.0 Mozilla Firefox ESR versions prior to 38.1

Description The issue is related to the AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation, which does not properly calculate an oscillator rendering range. This allows remote attackers to obtain sensitive information from process memory or cause a denial of service via unspecified vectors.

Recommendations For Mozilla Firefox versions prior to 39.0, update to version 39.0 or later. For Mozilla Firefox ESR versions prior to 38.1, update to version 38.1 or later.

Exploit

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2015-1667

ALT-PU-2015-1669

ALT-PU-2015-2040

CESA-2015_1207

CVE-2015-2729

OPENSUSE-SU-2015_1229-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:10230-1

OPENSUSE-SU-2024:14572-1

RHSA-2015:1207

RHSA-2015_1207

USN-2656-1

USN-2656-2

Produtos afetados

Alt Linux

Centos

Firefox

Firefox Esr

Red Hat

Suse

Ubuntu

PT-2015-5860 · Mozilla+5 · Firefox+6

CVE-2015-2729

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2253