CVE-2015-0823: Use After Free
First published: Wed Feb 25 2015(Updated: )
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =14.10 | |
| Opentype Sanitiser Project Opentype Sanitiser | ||
| Mozilla Firefox | <=35.0.1 | |
| Mozilla Firefox | =0.1 | |
| Mozilla Firefox | =0.2 | |
| Mozilla Firefox | =0.3 | |
| Mozilla Firefox | =0.4 | |
| Mozilla Firefox | =0.5 | |
| Mozilla Firefox | =0.6 | |
| Mozilla Firefox | =0.6.1 | |
| Mozilla Firefox | =0.7 | |
| Mozilla Firefox | =0.7.1 | |
| Mozilla Firefox | =0.8 | |
| Mozilla Firefox | =0.9 | |
| Mozilla Firefox | =0.9-rc | |
| Mozilla Firefox | =0.9.1 | |
| Mozilla Firefox | =0.9.2 | |
| Mozilla Firefox | =0.9.3 | |
| Mozilla Firefox | =0.10 | |
| Mozilla Firefox | =0.10.1 | |
| Mozilla Firefox | =1.0 | |
| Mozilla Firefox | =1.0-preview_release | |
| Mozilla Firefox | =1.0.1 | |
| Mozilla Firefox | =1.0.2 | |
| Mozilla Firefox | =1.0.3 | |
| Mozilla Firefox | =1.0.4 | |
| Mozilla Firefox | =1.0.5 | |
| Mozilla Firefox | =1.0.6 | |
| Mozilla Firefox | =1.0.7 | |
| Mozilla Firefox | =1.0.8 | |
| Mozilla Firefox | =1.4.1 | |
| Mozilla Firefox | =1.5 | |
| Mozilla Firefox | =1.5-beta1 | |
| Mozilla Firefox | =1.5-beta2 | |
| Mozilla Firefox | =1.5.0.1 | |
| Mozilla Firefox | =1.5.0.2 | |
| Mozilla Firefox | =1.5.0.3 | |
| Mozilla Firefox | =1.5.0.4 | |
| Mozilla Firefox | =1.5.0.5 | |
| Mozilla Firefox | =1.5.0.6 | |
| Mozilla Firefox | =1.5.0.7 | |
| Mozilla Firefox | =1.5.0.8 | |
| Mozilla Firefox | =1.5.0.9 | |
| Mozilla Firefox | =1.5.0.10 | |
| Mozilla Firefox | =1.5.0.11 | |
| Mozilla Firefox | =1.5.0.12 | |
| Mozilla Firefox | =1.5.1 | |
| Mozilla Firefox | =1.5.2 | |
| Mozilla Firefox | =1.5.3 | |
| Mozilla Firefox | =1.5.4 | |
| Mozilla Firefox | =1.5.5 | |
| Mozilla Firefox | =1.5.6 | |
| Mozilla Firefox | =1.5.7 | |
| Mozilla Firefox | =1.5.8 | |
| Mozilla Firefox | =1.8 | |
| Mozilla Firefox | =2.0 | |
| Mozilla Firefox | =2.0.0.1 | |
| Mozilla Firefox | =2.0.0.2 | |
| Mozilla Firefox | =2.0.0.3 | |
| Mozilla Firefox | =2.0.0.4 | |
| Mozilla Firefox | =2.0.0.5 | |
| Mozilla Firefox | =2.0.0.6 | |
| Mozilla Firefox | =2.0.0.7 | |
| Mozilla Firefox | =2.0.0.8 | |
| Mozilla Firefox | =2.0.0.9 | |
| Mozilla Firefox | =2.0.0.10 | |
| Mozilla Firefox | =2.0.0.11 | |
| Mozilla Firefox | =2.0.0.12 | |
| Mozilla Firefox | =2.0.0.13 | |
| Mozilla Firefox | =2.0.0.14 | |
| Mozilla Firefox | =2.0.0.15 | |
| Mozilla Firefox | =2.0.0.16 | |
| Mozilla Firefox | =2.0.0.17 | |
| Mozilla Firefox | =2.0.0.18 | |
| Mozilla Firefox | =2.0.0.19 | |
| Mozilla Firefox | =2.0.0.20 | |
| Mozilla Firefox | =3.0 | |
| Mozilla Firefox | =3.0.1 | |
| Mozilla Firefox | =3.0.2 | |
| Mozilla Firefox | =3.0.3 | |
| Mozilla Firefox | =3.0.4 | |
| Mozilla Firefox | =3.0.5 | |
| Mozilla Firefox | =3.0.6 | |
| Mozilla Firefox | =3.0.7 | |
| Mozilla Firefox | =3.0.8 | |
| Mozilla Firefox | =3.0.9 | |
| Mozilla Firefox | =3.0.10 | |
| Mozilla Firefox | =3.0.11 | |
| Mozilla Firefox | =3.0.12 | |
| Mozilla Firefox | =3.0.13 | |
| Mozilla Firefox | =3.0.14 | |
| Mozilla Firefox | =3.0.15 | |
| Mozilla Firefox | =3.0.16 | |
| Mozilla Firefox | =3.0.17 | |
| Mozilla Firefox | =3.0.18 | |
| Mozilla Firefox | =3.0.19 | |
| Mozilla Firefox | =3.5 | |
| Mozilla Firefox | =3.5.1 | |
| Mozilla Firefox | =3.5.2 | |
| Mozilla Firefox | =3.5.3 | |
| Mozilla Firefox | =3.5.4 | |
| Mozilla Firefox | =3.5.5 | |
| Mozilla Firefox | =3.5.6 | |
| Mozilla Firefox | =3.5.7 | |
| Mozilla Firefox | =3.5.8 | |
| Mozilla Firefox | =3.5.9 | |
| Mozilla Firefox | =3.5.10 | |
| Mozilla Firefox | =3.5.11 | |
| Mozilla Firefox | =3.5.12 | |
| Mozilla Firefox | =3.5.13 | |
| Mozilla Firefox | =3.5.14 | |
| Mozilla Firefox | =3.5.15 | |
| Mozilla Firefox | =3.5.16 | |
| Mozilla Firefox | =3.5.17 | |
| Mozilla Firefox | =3.5.18 | |
| Mozilla Firefox | =3.5.19 | |
| Mozilla Firefox | =3.6 | |
| Mozilla Firefox | =3.6.2 | |
| Mozilla Firefox | =3.6.3 | |
| Mozilla Firefox | =3.6.4 | |
| Mozilla Firefox | =3.6.6 | |
| Mozilla Firefox | =3.6.7 | |
| Mozilla Firefox | =3.6.8 | |
| Mozilla Firefox | =3.6.9 | |
| Mozilla Firefox | =3.6.10 | |
| Mozilla Firefox | =3.6.11 | |
| Mozilla Firefox | =3.6.12 | |
| Mozilla Firefox | =3.6.13 | |
| Mozilla Firefox | =3.6.14 | |
| Mozilla Firefox | =3.6.15 | |
| Mozilla Firefox | =3.6.16 | |
| Mozilla Firefox | =3.6.17 | |
| Mozilla Firefox | =3.6.18 | |
| Mozilla Firefox | =3.6.19 | |
| Mozilla Firefox | =3.6.20 | |
| Mozilla Firefox | =3.6.21 | |
| Mozilla Firefox | =3.6.22 | |
| Mozilla Firefox | =3.6.23 | |
| Mozilla Firefox | =3.6.24 | |
| Mozilla Firefox | =3.6.25 | |
| Mozilla Firefox | =3.6.26 | |
| Mozilla Firefox | =3.6.27 | |
| Mozilla Firefox | =3.6.28 | |
| Mozilla Firefox | =4.0 | |
| Mozilla Firefox | =4.0-beta1 | |
| Mozilla Firefox | =4.0-beta10 | |
| Mozilla Firefox | =4.0-beta11 | |
| Mozilla Firefox | =4.0-beta12 | |
| Mozilla Firefox | =4.0-beta2 | |
| Mozilla Firefox | =4.0-beta3 | |
| Mozilla Firefox | =4.0-beta4 | |
| Mozilla Firefox | =4.0-beta5 | |
| Mozilla Firefox | =4.0-beta6 | |
| Mozilla Firefox | =4.0-beta7 | |
| Mozilla Firefox | =4.0-beta8 | |
| Mozilla Firefox | =4.0-beta9 | |
| Mozilla Firefox | =4.0.1 | |
| Mozilla Firefox | =5.0 | |
| Mozilla Firefox | =5.0.1 | |
| Mozilla Firefox | =6.0 | |
| Mozilla Firefox | =6.0.1 | |
| Mozilla Firefox | =6.0.2 | |
| Mozilla Firefox | =7.0 | |
| Mozilla Firefox | =7.0.1 | |
| Mozilla Firefox | =8.0 | |
| Mozilla Firefox | =8.0.1 | |
| Mozilla Firefox | =9.0 | |
| Mozilla Firefox | =9.0.1 | |
| Mozilla Firefox | =10.0 | |
| Mozilla Firefox | =10.0.1 | |
| Mozilla Firefox | =10.0.2 | |
| Mozilla Firefox | =10.0.3 | |
| Mozilla Firefox | =10.0.4 | |
| Mozilla Firefox | =10.0.5 | |
| Mozilla Firefox | =10.0.6 | |
| Mozilla Firefox | =10.0.7 | |
| Mozilla Firefox | =10.0.8 | |
| Mozilla Firefox | =10.0.9 | |
| Mozilla Firefox | =10.0.10 | |
| Mozilla Firefox | =10.0.11 | |
| Mozilla Firefox | =10.0.12 | |
| Mozilla Firefox | =11.0 | |
| Mozilla Firefox | =12.0 | |
| Mozilla Firefox | =12.0-beta6 | |
| Mozilla Firefox | =13.0 | |
| Mozilla Firefox | =13.0.1 | |
| Mozilla Firefox | =14.0 | |
| Mozilla Firefox | =14.0.1 | |
| Mozilla Firefox | =15.0 | |
| Mozilla Firefox | =15.0.1 | |
| Mozilla Firefox | =16.0 | |
| Mozilla Firefox | =16.0.1 | |
| Mozilla Firefox | =16.0.2 | |
| Mozilla Firefox | =17.0 | |
| Mozilla Firefox | =17.0.1 | |
| Mozilla Firefox | =17.0.2 | |
| Mozilla Firefox | =17.0.3 | |
| Mozilla Firefox | =17.0.4 | |
| Mozilla Firefox | =17.0.5 | |
| Mozilla Firefox | =17.0.6 | |
| Mozilla Firefox | =17.0.7 | |
| Mozilla Firefox | =17.0.8 | |
| Mozilla Firefox | =17.0.9 | |
| Mozilla Firefox | =17.0.10 | |
| Mozilla Firefox | =17.0.11 | |
| Mozilla Firefox | =18.0 | |
| Mozilla Firefox | =18.0.1 | |
| Mozilla Firefox | =18.0.2 | |
| Mozilla Firefox | =19.0 | |
| Mozilla Firefox | =19.0.1 | |
| Mozilla Firefox | =19.0.2 | |
| Mozilla Firefox | =20.0 | |
| Mozilla Firefox | =20.0.1 | |
| Mozilla Firefox | =21.0 | |
| Mozilla Firefox | =22.0 | |
| Mozilla Firefox | =23.0 | |
| Mozilla Firefox | =23.0.1 | |
| Mozilla Firefox | =24.0 | |
| Mozilla Firefox | =24.1 | |
| Mozilla Firefox | =24.1.1 | |
| Mozilla Firefox | =25.0 | |
| Mozilla Firefox | =25.0.1 | |
| Mozilla Firefox | =26.0 | |
| Mozilla Firefox | =27.0 | |
| Mozilla Firefox | =27.0.1 | |
| Mozilla Firefox | =28.0 | |
| Mozilla Firefox | =29.0 | |
| Mozilla Firefox | =29.0.1 | |
| Mozilla Firefox | =30.0 | |
| Mozilla Firefox | =31.0 | |
| Mozilla Firefox | =31.1.0 | |
| Mozilla Firefox | =32.0 | |
| Mozilla Firefox | =33.0 | |
| Mozilla Firefox | =34.0.5 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-23.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/bid/72754
- http://www.securitytracker.com/id/1031791
- http://www.ubuntu.com/usn/USN-2505-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1098497
- https://github.com/khaledhosny/ots/commit/003c62d28ae438aa8943cb31535563397f838a2c
- https://security.gentoo.org/glsa/201504-01
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/remedy
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/14.10
- vendor/opentype sanitiser project
- canonical/opentype sanitiser project opentype sanitiser
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/35.0.1
- version/mozilla firefox/0.1
- version/mozilla firefox/0.2
- version/mozilla firefox/0.3
- version/mozilla firefox/0.4
- version/mozilla firefox/0.5
- version/mozilla firefox/0.6
- version/mozilla firefox/0.6.1
- version/mozilla firefox/0.7
- version/mozilla firefox/0.7.1
- version/mozilla firefox/0.8
- version/mozilla firefox/0.9
- version/mozilla firefox/0.9-rc
- version/mozilla firefox/0.9.1
- version/mozilla firefox/0.9.2
- version/mozilla firefox/0.9.3
- version/mozilla firefox/0.10
- version/mozilla firefox/0.10.1
- version/mozilla firefox/1.0
- version/mozilla firefox/1.0-preview_release
- version/mozilla firefox/1.0.1
- version/mozilla firefox/1.0.2
- version/mozilla firefox/1.0.3
- version/mozilla firefox/1.0.4
- version/mozilla firefox/1.0.5
- version/mozilla firefox/1.0.6
- version/mozilla firefox/1.0.7
- version/mozilla firefox/1.0.8
- version/mozilla firefox/1.4.1
- version/mozilla firefox/1.5
- version/mozilla firefox/1.5-beta1
- version/mozilla firefox/1.5-beta2
- version/mozilla firefox/1.5.0.1
- version/mozilla firefox/1.5.0.2
- version/mozilla firefox/1.5.0.3
- version/mozilla firefox/1.5.0.4
- version/mozilla firefox/1.5.0.5
- version/mozilla firefox/1.5.0.6
- version/mozilla firefox/1.5.0.7
- version/mozilla firefox/1.5.0.8
- version/mozilla firefox/1.5.0.9
- version/mozilla firefox/1.5.0.10
- version/mozilla firefox/1.5.0.11
- version/mozilla firefox/1.5.0.12
- version/mozilla firefox/1.5.1
- version/mozilla firefox/1.5.2
- version/mozilla firefox/1.5.3
- version/mozilla firefox/1.5.4
- version/mozilla firefox/1.5.5
- version/mozilla firefox/1.5.6
- version/mozilla firefox/1.5.7
- version/mozilla firefox/1.5.8
- version/mozilla firefox/1.8
- version/mozilla firefox/2.0
- version/mozilla firefox/2.0.0.1
- version/mozilla firefox/2.0.0.2
- version/mozilla firefox/2.0.0.3
- version/mozilla firefox/2.0.0.4
- version/mozilla firefox/2.0.0.5
- version/mozilla firefox/2.0.0.6
- version/mozilla firefox/2.0.0.7
- version/mozilla firefox/2.0.0.8
- version/mozilla firefox/2.0.0.9
- version/mozilla firefox/2.0.0.10
- version/mozilla firefox/2.0.0.11
- version/mozilla firefox/2.0.0.12
- version/mozilla firefox/2.0.0.13
- version/mozilla firefox/2.0.0.14
- version/mozilla firefox/2.0.0.15
- version/mozilla firefox/2.0.0.16
- version/mozilla firefox/2.0.0.17
- version/mozilla firefox/2.0.0.18
- version/mozilla firefox/2.0.0.19
- version/mozilla firefox/2.0.0.20
- version/mozilla firefox/3.0
- version/mozilla firefox/3.0.1
- version/mozilla firefox/3.0.2
- version/mozilla firefox/3.0.3
- version/mozilla firefox/3.0.4
- version/mozilla firefox/3.0.5
- version/mozilla firefox/3.0.6
- version/mozilla firefox/3.0.7
- version/mozilla firefox/3.0.8
- version/mozilla firefox/3.0.9
- version/mozilla firefox/3.0.10
- version/mozilla firefox/3.0.11
- version/mozilla firefox/3.0.12
- version/mozilla firefox/3.0.13
- version/mozilla firefox/3.0.14
- version/mozilla firefox/3.0.15
- version/mozilla firefox/3.0.16
- version/mozilla firefox/3.0.17
- version/mozilla firefox/3.0.18
- version/mozilla firefox/3.0.19
- version/mozilla firefox/3.5
- version/mozilla firefox/3.5.1
- version/mozilla firefox/3.5.2
- version/mozilla firefox/3.5.3
- version/mozilla firefox/3.5.4
- version/mozilla firefox/3.5.5
- version/mozilla firefox/3.5.6
- version/mozilla firefox/3.5.7
- version/mozilla firefox/3.5.8
- version/mozilla firefox/3.5.9
- version/mozilla firefox/3.5.10
- version/mozilla firefox/3.5.11
- version/mozilla firefox/3.5.12
- version/mozilla firefox/3.5.13
- version/mozilla firefox/3.5.14
- version/mozilla firefox/3.5.15
- version/mozilla firefox/3.5.16
- version/mozilla firefox/3.5.17
- version/mozilla firefox/3.5.18
- version/mozilla firefox/3.5.19
- version/mozilla firefox/3.6
- version/mozilla firefox/3.6.2
- version/mozilla firefox/3.6.3
- version/mozilla firefox/3.6.4
- version/mozilla firefox/3.6.6
- version/mozilla firefox/3.6.7
- version/mozilla firefox/3.6.8
- version/mozilla firefox/3.6.9
- version/mozilla firefox/3.6.10
- version/mozilla firefox/3.6.11
- version/mozilla firefox/3.6.12
- version/mozilla firefox/3.6.13
- version/mozilla firefox/3.6.14
- version/mozilla firefox/3.6.15
- version/mozilla firefox/3.6.16
- version/mozilla firefox/3.6.17
- version/mozilla firefox/3.6.18
- version/mozilla firefox/3.6.19
- version/mozilla firefox/3.6.20
- version/mozilla firefox/3.6.21
- version/mozilla firefox/3.6.22
- version/mozilla firefox/3.6.23
- version/mozilla firefox/3.6.24
- version/mozilla firefox/3.6.25
- version/mozilla firefox/3.6.26
- version/mozilla firefox/3.6.27
- version/mozilla firefox/3.6.28
- version/mozilla firefox/4.0
- version/mozilla firefox/4.0-beta1
- version/mozilla firefox/4.0-beta10
- version/mozilla firefox/4.0-beta11
- version/mozilla firefox/4.0-beta12
- version/mozilla firefox/4.0-beta2
- version/mozilla firefox/4.0-beta3
- version/mozilla firefox/4.0-beta4
- version/mozilla firefox/4.0-beta5
- version/mozilla firefox/4.0-beta6
- version/mozilla firefox/4.0-beta7
- version/mozilla firefox/4.0-beta8
- version/mozilla firefox/4.0-beta9
- version/mozilla firefox/4.0.1
- version/mozilla firefox/5.0
- version/mozilla firefox/5.0.1
- version/mozilla firefox/6.0
- version/mozilla firefox/6.0.1
- version/mozilla firefox/6.0.2
- version/mozilla firefox/7.0
- version/mozilla firefox/7.0.1
- version/mozilla firefox/8.0
- version/mozilla firefox/8.0.1
- version/mozilla firefox/9.0
- version/mozilla firefox/9.0.1
- version/mozilla firefox/10.0
- version/mozilla firefox/10.0.1
- version/mozilla firefox/10.0.2
- version/mozilla firefox/10.0.3
- version/mozilla firefox/10.0.4
- version/mozilla firefox/10.0.5
- version/mozilla firefox/10.0.6
- version/mozilla firefox/10.0.7
- version/mozilla firefox/10.0.8
- version/mozilla firefox/10.0.9
- version/mozilla firefox/10.0.10
- version/mozilla firefox/10.0.11
- version/mozilla firefox/10.0.12
- version/mozilla firefox/11.0
- version/mozilla firefox/12.0
- version/mozilla firefox/12.0-beta6
- version/mozilla firefox/13.0
- version/mozilla firefox/13.0.1
- version/mozilla firefox/14.0
- version/mozilla firefox/14.0.1
- version/mozilla firefox/15.0
- version/mozilla firefox/15.0.1
- version/mozilla firefox/16.0
- version/mozilla firefox/16.0.1
- version/mozilla firefox/16.0.2
- version/mozilla firefox/17.0
- version/mozilla firefox/17.0.1
- version/mozilla firefox/17.0.2
- version/mozilla firefox/17.0.3
- version/mozilla firefox/17.0.4
- version/mozilla firefox/17.0.5
- version/mozilla firefox/17.0.6
- version/mozilla firefox/17.0.7
- version/mozilla firefox/17.0.8
- version/mozilla firefox/17.0.9
- version/mozilla firefox/17.0.10
- version/mozilla firefox/17.0.11
- version/mozilla firefox/18.0
- version/mozilla firefox/18.0.1
- version/mozilla firefox/18.0.2
- version/mozilla firefox/19.0
- version/mozilla firefox/19.0.1
- version/mozilla firefox/19.0.2
- version/mozilla firefox/20.0
- version/mozilla firefox/20.0.1
- version/mozilla firefox/21.0
- version/mozilla firefox/22.0
- version/mozilla firefox/23.0
- version/mozilla firefox/23.0.1
- version/mozilla firefox/24.0
- version/mozilla firefox/24.1
- version/mozilla firefox/24.1.1
- version/mozilla firefox/25.0
- version/mozilla firefox/25.0.1
- version/mozilla firefox/26.0
- version/mozilla firefox/27.0
- version/mozilla firefox/27.0.1
- version/mozilla firefox/28.0
- version/mozilla firefox/29.0
- version/mozilla firefox/29.0.1
- version/mozilla firefox/30.0
- version/mozilla firefox/31.0
- version/mozilla firefox/31.1.0
- version/mozilla firefox/32.0
- version/mozilla firefox/33.0
- version/mozilla firefox/34.0.5
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2