CVE-2015-2713
Published: 13 May 2015
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
precise |
Released
(38.0+build3-0ubuntu0.12.04.1)
|
| trusty |
Released
(38.0+build3-0ubuntu0.14.04.1)
|
|
| upstream |
Released
(38.0)
|
|
| utopic |
Released
(38.0+build3-0ubuntu0.14.10.1)
|
|
| vivid |
Released
(38.0+build3-0ubuntu0.15.04.1)
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
precise |
Released
(1:31.7.0+build1-0ubuntu0.12.04.1)
|
| trusty |
Released
(1:31.7.0+build1-0ubuntu0.14.04.1)
|
|
| upstream |
Released
(31.7.0)
|
|
| utopic |
Released
(1:31.7.0+build1-0ubuntu0.14.10.1)
|
|
| vivid |
Released
(1:31.7.0+build1-0ubuntu0.15.04.1)
|