CVE-2015-7192Mozilla Firefox vulnerability

CWE-172 documents2 sources
Severity
7.5HIGHNVD
EPSS
2.7%
top 14.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedNov 5
Latest updateMay 17

Description

The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmozilla/firefox41.0.2

🔴Vulnerability Details

1
GHSA
GHSA-8r32-wxw2-w78f: The accessibility-tools feature in Mozilla Firefox before 422022-05-17