CVE-2015-2708 — Out-of-bounds Write in Mozilla Firefox

10 documents7 sources

Severity

7.5HIGHNVD

EPSS

1.3%

top 20.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR +4 more

Timeline

PublishedMay 14

Latest updateMay 14

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages9 packages

▶Ubuntumozilla/firefox< 38.0+build3-0ubuntu0.14.04.1

▶NVDmozilla/firefox37.0.2+7

▶NVDmozilla/firefox_esr6 versions+5

▶Ubuntumozilla/thunderbird< 1:31.7.0+build1-0ubuntu0.14.04.1

▶NVDmozilla/thunderbird31.5

🔴Vulnerability Details

GHSA

GHSA-mrcq-wp3r-235h: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38↗2022-05-14

▶

OSV

thunderbird vulnerabilities↗2015-05-18

▶

CVEList

CVE-2015-2708: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38↗2015-05-14

▶

OSV

firefox vulnerabilities↗2015-05-13

▶

OSV

CVE-2015-2708: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38↗2015-05-13

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2015-05-18

▶

Ubuntu

Firefox vulnerabilities↗2015-05-13

▶

Red Hat

Mozilla: Miscellaneous memory safety hazards (rv:31.7) (MFSA 2015-46)↗2015-05-12

▶

💬Community

Bugzilla

CVE-2015-2708 Mozilla: Miscellaneous memory safety hazards (rv:31.7) (MFSA 2015-46)↗2015-05-12

▶