JPEGEncoder Function Race Condition Vulnerability

JPEGEncoder Function Race Condition Vulnerability

CVE-2015-7189 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.