Use-After-Free Vulnerability in Mozilla Firefox Web Audio API
CVE-2015-4477

Currently unrated

Key Information:

Vendor

Canonical

Status
Ubuntu Linux
Opensuse
Vendor
CVE Published:
16 August 2015

What is CVE-2015-4477?

A use-after-free vulnerability exists in the MediaStream playback feature of Mozilla Firefox versions prior to 40.0. This weakness can be exploited by remote attackers to execute arbitrary code by making specific but unspecified calls to the Web Audio API. If successfully executed, such an exploit could lead to unauthorized access and manipulation of system functions, potentially allowing attackers to take control of affected devices. Users are advised to update their Firefox browsers to the latest versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://www.mozilla.org/security/announce/2015/mfsa2015-81...
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2702-3
vendor-advisoryx_refsource_UBUNTU

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.