N/A
CVE-2015-0831
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
EPSS
2.0%
percentile 83.9%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| mozilla | thunderbird | Windows | ≤31.4 | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:31.1.2:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:31.2:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:31.3:*:*:*:*:*:*:* |