CVE-2015-2742Sensitive Information Exposure in Mozilla Firefox

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 31.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxOracle Solaris
Timeline
PublishedJul 6
Latest updateMay 13

Description

Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDmozilla/firefox38.1.0
NVDoracle/solaris11.3

🔴Vulnerability Details

2
GHSA
GHSA-xhfv-25pm-fp3g: Mozilla Firefox before 392022-05-13
CVEList
CVE-2015-2742: Mozilla Firefox before 392015-07-06
CVE-2015-2742 — Sensitive Information Exposure | cvebase