Memory Read Vulnerability in Mozilla Firefox and Thunderbird
CVE-2015-2734

Currently unrated

Key Information:

Vendor
Suse
Status
Linux Enterprise Server
Linux Enterprise Software Development Kit
Linux Enterprise Desktop
Suse Linux Enterprise Server
Vendor
CVE Published:
6 July 2015

Summary

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation of Mozilla Firefox and Thunderbird allows for potential exploitation due to reading data from uninitialized memory locations. This could lead to the exposure of sensitive information or unpredictable application behavior, as attackers may use this vulnerability to access sensitive values stored in memory, impacting user security and privacy.

References

http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2015-1455.html
vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.