CVE-2015-4492 (retired)

Priority
Description
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow
remote attackers to execute arbitrary code via a SharedWorker object that
makes recursive calls to the open method of an XMLHttpRequest object.
Assigned-to
chrisccoulson
Package
Upstream:released (40.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (40.0+build4-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:15:38 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)