CVE-2015-7204 Information
Description
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
Reference
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html http://www.mozilla.org/security/announce/2015/mfsa2015-135.html http://www.securityfocus.com/bid/79280 http://www.securitytracker.com/id/1034426 http://www.ubuntu.com/usn/USN-2833-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1216130 https://security.gentoo.org/glsa/201512-10
Share on: