Vulnerabilities > Mozilla > Firefox OS > High

DATE CVE VULNERABILITY TITLE RISK
2015-08-16 CVE-2015-4489 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
network
low complexity
oracle mozilla canonical opensuse CWE-119
7.5
7.5
2015-08-16 CVE-2015-4488 Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
network
low complexity
oracle canonical opensuse mozilla
7.5
7.5
2015-08-16 CVE-2015-4487 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
network
low complexity
mozilla canonical opensuse oracle CWE-119
7.5
7.5