Security Advisory

CVE-2015-0828

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-02-25 11:00:00

Last updated 2024-08-06 04:26:10

Assigner mozilla

State PUBLISHED

Description

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.

← Browse all CVEs View on cve.org ↗