CVE-2015-5962

EUVD-2015-5907
Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
mozillafirefox_os
𝑥
≤ 2.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.mozilla.org/security/announce/2015/mfsa2015-77.html
http://www.securityfocus.com/bid/76253
https://bugzilla.mozilla.org/show_bug.cgi?id=1145389
http://www.mozilla.org/security/announce/2015/mfsa2015-77.html
http://www.securityfocus.com/bid/76253
https://bugzilla.mozilla.org/show_bug.cgi?id=1145389