CVE-2015-2724Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents7 sources
Severity
10.0CRITICALNVD
EPSS
0.9%
top 24.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Mozilla FirefoxMozilla ThunderbirdCanonical Ubuntu Linux+6 more
Timeline
PublishedJul 6
Latest updateMay 17

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages9 packages

Ubuntumozilla/firefox< 39.0+build5-0ubuntu0.14.04.1
NVDmozilla/firefox38.1.0+8
NVDmozilla/firefox_esr7 versions+6
Ubuntumozilla/thunderbird< 1:31.8.0+build1-0ubuntu0.14.04.1

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 14.10, 15.04

🔴Vulnerability Details

4
GHSA
GHSA-v5wf-cp9c-vpq4: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392022-05-17
OSV
thunderbird vulnerabilities2015-07-20
CVEList
CVE-2015-2724: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392015-07-06
OSV
CVE-2015-2724: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392015-07-05

📋Vendor Advisories

4
Ubuntu
Thunderbird vulnerabilities2015-07-20
Ubuntu
Firefox vulnerabilities2015-07-15
Ubuntu
Firefox vulnerabilities2015-07-09
Red Hat
Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)2015-07-02

💬Community

1
Bugzilla
CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)2015-06-30
CVE-2015-2724 — Mozilla Firefox vulnerability | cvebase