Unrated severityNVD Advisory· Published Apr 1, 2015· Updated Jun 17, 2026
CVE-2015-0813
CVE-2015-0813
Description
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=31.5.3
- (no CPE)range: <37.0
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=31.5
- (no CPE)range: <31.6
- osv-coords7 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 128.5.1-1.1+ 6 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 45.5.1-1.1
- (no CPE)range: < 31.6.0esr-30.1
- (no CPE)range: < 31.6.0esr-30.1
- (no CPE)range: < 31.6.0esr-30.1
- (no CPE)range: < 31.6.0esr-30.1
Patches
Vulnerability mechanics
References
17- www.mozilla.org/security/announce/2015/mfsa2015-31.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00006.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0766.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0771.htmlnvd
- www.debian.org/security/2015/dsa-3211nvd
- www.debian.org/security/2015/dsa-3212nvd
- www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlnvd
- www.securityfocus.com/bid/73463nvd
- www.securitytracker.com/id/1031996nvd
- www.securitytracker.com/id/1032000nvd
- www.ubuntu.com/usn/USN-2550-1nvd
- www.ubuntu.com/usn/USN-2552-1nvd
- bugzilla.mozilla.org/show_bug.cginvd
- security.gentoo.org/glsa/201512-10nvd
News mentions
0No linked articles in our index yet.