CVE-2015-4477

Description

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
• http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
• http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
• http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
• http://www.mozilla.org/security/announce/2015/mfsa2015-81.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
• http://www.securitytracker.com/id/1033247
• http://www.ubuntu.com/usn/USN-2702-1
• http://www.ubuntu.com/usn/USN-2702-2
• http://www.ubuntu.com/usn/USN-2702-3
• https://bugzilla.mozilla.org/show_bug.cgi?id=1179484
• https://security.gentoo.org/glsa/201605-06
• http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
• http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
• http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
• http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
• http://www.mozilla.org/security/announce/2015/mfsa2015-81.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
• http://www.securitytracker.com/id/1033247
• http://www.ubuntu.com/usn/USN-2702-1
• http://www.ubuntu.com/usn/USN-2702-2
• http://www.ubuntu.com/usn/USN-2702-3
• https://bugzilla.mozilla.org/show_bug.cgi?id=1179484
• https://security.gentoo.org/glsa/201605-06