Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-7199

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
BID: 77411
DEBIAN: DSA-3410
DEBIAN: DSA-3393
GENTOO: GLSA-201512-10
REDHAT: RHSA-2015:2519
REDHAT: RHSA-2015:1982
SUSE: openSUSE-SU-2015:2229
SUSE: openSUSE-SU-2015:2245
SUSE: SUSE-SU-2015:1926
SUSE: openSUSE-SU-2015:1942
SUSE: SUSE-SU-2015:1978
SUSE: SUSE-SU-2015:1981
SUSE: SUSE-SU-2015:2081
UBUNTU: USN-2819-1
UBUNTU: USN-2785-1
SECTRACK: 1034069

Launchpad.net

CVE 2015-7199

Related bugs

References