UBUNTU-CVE-2015-2740

UNKNOWN

Published Jul 5, 2015

Modified 1 years ago

Fix available

Details

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

Affected Packages

Ubuntu:14.04:LTSfirefox

Affected versions:

24.0+build1-0ubuntu125.0+build3-0ubuntu0.13.10.128.0+build1-0ubuntu128.0+build2-0ubuntu128.0+build2-0ubuntu228.0~b2+build1-0ubuntu229.0+build1-0ubuntu0.14.04.230.0+build1-0ubuntu0.14.04.331.0+build1-0ubuntu0.14.04.132.0+build1-0ubuntu0.14.04.1+12 more

Fixed in:

39.0+build5-0ubuntu0.14.04.1

Ubuntu:14.04:LTSthunderbird

Affected versions:

1:24.0+build1-0ubuntu11:24.0+build1-0ubuntu21:24.1.1+build1-0ubuntu0.13.10.11:24.1.1+build1-0ubuntu11:24.2.0+build1-0ubuntu11:24.4.0+build1-0ubuntu11:24.5.0+build1-0ubuntu0.14.04.11:24.6.0+build1-0ubuntu0.14.04.11:31.0+build1-0ubuntu0.14.04.11:31.1.1+build1-0ubuntu0.14.04.1+7 more

Fixed in:

1:31.8.0+build1-0ubuntu0.14.04.1

References

REPORThttp://www.mozilla.org/security/announce/2015/mfsa2015-66.html REPORThttps://bugzilla.mozilla.org/show_bug.cgi?id=1170809 REPORThttps://ubuntu.com/security/CVE-2015-2740 REPORThttps://ubuntu.com/security/notices/USN-2656-1 REPORThttps://ubuntu.com/security/notices/USN-2656-2 REPORThttps://ubuntu.com/security/notices/USN-2673-1 REPORThttps://www.cve.org/CVERecord?id=CVE-2015-2740 REPORThttps://www.mozilla.org/en-US/security/advisories/mfsa2015-66/

CVE-2015-2740 USN-2656-1 USN-2656-2 USN-2673-1

Ecosystems

Ubuntu 14.04 LTS

Timeline

PublishedJul 5, 2015

ModifiedJan 13, 2025