CVE-2015-5962
Severity CVSS v4.0:
Pending analysis
Type:
CWE-189
Numeric Errors
Publication date:
08/08/2015
Last modified:
12/04/2025
Description
Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:* | 2.1.0 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.mozilla.org/security/announce/2015/mfsa2015-77.html
- http://www.securityfocus.com/bid/76253
- https://bugzilla.mozilla.org/show_bug.cgi?id=1145389
- http://www.mozilla.org/security/announce/2015/mfsa2015-77.html
- http://www.securityfocus.com/bid/76253
- https://bugzilla.mozilla.org/show_bug.cgi?id=1145389