Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2015-7175

Description

The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."

POC

Reference

- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

- http://www.ubuntu.com/usn/USN-2743-3

Github

No PoCs found on GitHub currently.