CVE-2015-5962

CWE-1893 documents3 sources
Severity
5.0MEDIUM
EPSS
0.4%
top 38.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox OS
Timeline
PublishedAug 8
Latest updateMay 17

Description

Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDmozilla/firefox_os2.1.0

đź”´Vulnerability Details

2
GHSA
GHSA-86wp-278v-h7vp: Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics↗2022-05-17
â–¶
CVEList
CVE-2015-5962: Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics↗2015-08-08
â–¶
CVE-2015-5962 (MEDIUM CVSS 5) | Integer signedness error in the Sha | cvebase.io