CVE-2015-2725Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources
Severity
10.0CRITICALNVD
EPSS
1.6%
top 18.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Mozilla FirefoxMozilla ThunderbirdMozilla Firefox ESR+4 more
Timeline
PublishedJul 6
Latest updateMay 17

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages9 packages

Ubuntumozilla/firefox< 39.0+build5-0ubuntu0.14.04.1
NVDmozilla/firefox38.1.0+8
NVDmozilla/firefox_esr7 versions+6
Ubuntumozilla/thunderbird< 1:31.8.0+build1-0ubuntu0.14.04.1

🔴Vulnerability Details

3
GHSA
GHSA-3852-76gc-8vp3: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392022-05-17
CVEList
CVE-2015-2725: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392015-07-06
OSV
CVE-2015-2725: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 392015-07-05

📋Vendor Advisories

3
Ubuntu
Firefox vulnerabilities2015-07-15
Ubuntu
Firefox vulnerabilities2015-07-09
Red Hat
Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)2015-07-02

💬Community

1
Bugzilla
CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)2015-06-30
CVE-2015-2725 — Mozilla Firefox vulnerability | cvebase