Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-0813

Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
DEBIAN: DSA-3211
REDHAT: RHSA-2015:0766
REDHAT: RHSA-2015:0771
UBUNTU: USN-2550-1
UBUNTU: USN-2552-1
SECTRACK: 1031996
SECTRACK: 1032000
DEBIAN: DSA-3212
SUSE: SUSE-SU-2015:0704
SUSE: openSUSE-SU-2015:0677
CONFIRM: http://www.oracle.com/...
GENTOO: GLSA-201512-10
SUSE: openSUSE-SU-2015:1266
SUSE: openSUSE-SU-2015:0892
BID: 73463

Launchpad.net

CVE 2015-0813

Related bugs

References