CVE-2015-2731 (retired)

Priority
Description
Use-after-free vulnerability in the CSPService::ShouldLoad function in the
microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x
before 38.1, and Thunderbird before 38.1 allows remote attackers to execute
arbitrary code by leveraging client-side JavaScript that triggers removal
of a DOM object on the basis of a Content Policy.
Assigned-to
chrisccoulson
Package
Upstream:released (39.0)
Package
Priority: Low
Upstream:released (31.8)
More Information

Updated: 2019-08-23 09:06:17 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)