CVE-2015-4488 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2015-4488?

CVE-2015-4488 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-4488?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Solaris, Canonical Ubuntu Linux, Opensuse Opensuse, Mozilla Firefox, Mozilla Firefox Os.

Vulnerability Description

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Oracle	Solaris	11.3
Canonical	Ubuntu Linux	12.04
Opensuse	Opensuse	13.1
Mozilla	Firefox	<= 39.0.3
Mozilla	Firefox Os	2.1.0

References

FAQ

What is CVE-2015-4488?

CVE-2015-4488 is a vulnerability with a CVSS score of 7.5 (HIGH). Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified imp...

How severe is CVE-2015-4488?

CVE-2015-4488 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4488?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Solaris, Canonical Ubuntu Linux, Opensuse Opensuse, Mozilla Firefox, Mozilla Firefox Os.