Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2015-08-29T19:00:00
Updated: 2024-08-06T06:18:11.935Z
Reserved: 2015-06-10T00:00:00
Link: CVE-2015-4497
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-08-29T19:59:00.123
Modified: 2016-12-22T02:59:54.710
Link: CVE-2015-4497
Redhat