FortiClient Vulnerability

Security Vulnerabilities fixed in Firefox ESR 38.1

Description

Security researcher Looben Yang used the Address Sanitizer tool to discover two related use-after-free vulnerabilities that occur when using XMLHttpRequest in concert with either shared or dedicated workers. These errors occur when the XMLHttpRequest object is attached to a worker but that object is incorrectly deleted while still in use. This results in exploitable crashes.

Affected Applications

Firefox ESR

CVE References

CVE-2015-2722 CVE-2015-2733

Other References

https://www.mozilla.org/en-US/security/advisories/mfsa2015-65

ID	59969
Created	Jan 17, 2020
Description Updated	Dec 15, 2023
Risk
Coverage	FortiClient
OS	Linux
Vendor	Mozilla
Patch	manual
Application	Firefox ESR

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Security Vulnerabilities fixed in Firefox ESR 38.1

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Security Vulnerabilities fixed in Firefox ESR 38.1

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center