CVE-2015-0803 (retired)

Priority
Description
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0
does not properly constrain the original data type of a casted value during
the setting of a SOURCE element's attributes, which allows remote attackers
to execute arbitrary code or cause a denial of service (use-after-free) via
a crafted HTML document.
Assigned-to
chrisccoulson
Package
Upstream:released (37.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (37.0+build2-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:14:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)