CVE-2015-0804 (retired)

Priority
Description
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0
does not properly constrain a data type after omitting namespace validation
during certain tree-binding operations, which allows remote attackers to
execute arbitrary code or cause a denial of service (use-after-free) via a
crafted HTML document containing a SOURCE element.
Assigned-to
chrisccoulson
Package
Upstream:released (37.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (37.0+build2-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:14:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)