CVE-2015-4512Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-200Sensitive Information Exposure13 documents6 sources
Severity
6.4MEDIUMNVD
OSV7.5
EPSS
2.0%
top 16.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedSep 24
Latest updateMay 17

Description

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

Ubuntumozilla/firefox< 41.0+build3-0ubuntu0.14.04.1+1
NVDmozilla/firefox40.0.3

🔴Vulnerability Details

6
GHSA
GHSA-qcgw-w6wr-h99m: gfx/2d/DataSurfaceHelpers2022-05-17
OSV
firefox regression2015-10-05
OSV
unity-firefox-extension, webapps-greasemonkey, webaccounts-browser-extension update2015-09-24
OSV
ubufox update2015-09-22
OSV
CVE-2015-4512: gfx/2d/DataSurfaceHelpers2015-09-22

📋Vendor Advisories

5
Ubuntu
Firefox regression2015-10-05
Ubuntu
Unity Integration for Firefox, Unity Websites Integration and Ubuntu Online Accounts extension update2015-09-24
Ubuntu
Ubufox update2015-09-22
Red Hat
Mozilla: Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems (MFSA 2015-107)2015-09-22
Ubuntu
Firefox vulnerabilities2015-09-22

💬Community

1
Bugzilla
CVE-2015-4512 Mozilla: Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems (MFSA 2015-107)2015-09-23