CVE-2015-7212

Severity

75%

Complexity

99%

Confidentiality

106%

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 9 years ago

2015-12-16 11:59:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

Fedora 22

22

Fedora Project Fedora 23

23

openSUSE Leap 42.1

42.1

OpenSUSE 13.1

13.1

OpenSUSE 13.2

13.2

Mozilla Firefox

Mozilla Firefox ESR 38.0

38.0

Mozilla Firefox ESR 38.0.1

38.0.1

Mozilla Firefox ESR 38.0.5

38.0.5

Mozilla Firefox ESR 38.1.0

38.1.0

Mozilla Firefox ESR 38.1.1

38.1.1

Mozilla Firefox ESR 38.2.0

38.2.0

Mozilla Firefox ESR 38.2.1

38.2.1

Mozilla Firefox Extended Support Release (ESR) 38.3.0

38.3.0

Mozilla Firefox ESR 38.4.0

38.4.0

References

FEDORA-2015-51b1105902

FEDORA-2015-7ab3d3afcf

SUSE-SU-2015:2334

SUSE-SU-2015:2335

SUSE-SU-2015:2336

openSUSE-SU-2015:2380

openSUSE-SU-2015:2406

openSUSE-SU-2015:2353

openSUSE-SU-2016:0307

openSUSE-SU-2016:0308

RHSA-2015:2657

DSA-3422

DSA-3432

http://www.mozilla.org/security/announce/2015/mfsa2015-139.html

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

79279

1034426

USN-2833-1

USN-2859-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1222809

GLSA-201512-10

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.