Mozilla Firefox buffer overflow and Denial of Service Vulnerability (CVE-2015-7179)

Mozilla Firefox buffer overflow and Denial of Service Vulnerability (CVE-2015-7179)
Mozilla Firefox buffer overflow and Denial of Service Vulnerability (CVE-2015-7179)

Release date:
Updated on:

Affected Systems:

Mozilla Firefox < 41.0
Mozilla Firefox < 38.3

Description:

CVE (CAN) ID: CVE-2015-7179

Mozilla Firefox is an open-source web browser that uses the Gecko engine.

VertexBufferInterface: reserveVertexSpace, a function of libGLES in ANGLE, a version earlier than Mozilla Firefox 41.0 and a version earlier than Firefox ESR 38.3, is incorrectly allocated with the memory of the Renderer attribute array. A security vulnerability exists, remote attackers exploit this vulnerability to cause DoS (memory corruption and application crash ).

<* Source: Ronald Crane
*>

Suggestion:

Vendor patch:

Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/

Mozilla Firefox 40.0 officially released and downloaded

Manually install Firefox Flash plug-in Ubuntu 14.04

Replacement of Firefox in Ubuntu

Use apt-get to install FireFox and ThunderBird In Debian Linux

Stable Firefox 29 version released-how to install

Mozilla Firefox 31.0 official release and download

Firefox details: click here
Firefox: click here

This article permanently updates the link address: