CVE-2015-7199Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents7 sources
Severity
7.5HIGHNVD
EPSS
2.5%
top 14.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Thunderbird
Timeline
PublishedNov 5
Latest updateMay 17

Description

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

Ubuntumozilla/firefox< 42.0+build2-0ubuntu0.14.04.1
NVDmozilla/firefox41.0.2+8
Ubuntumozilla/thunderbird< 1:38.4.0+build3-0ubuntu0.14.04.1

🔴Vulnerability Details

4
GHSA
GHSA-95j5-rfpg-w4rp: The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 422022-05-17
OSV
thunderbird vulnerabilities2015-12-01
OSV
CVE-2015-7199: The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 422015-11-04
OSV
firefox vulnerabilities2015-11-04

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2015-12-01
Red Hat
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)2015-11-04
Ubuntu
Firefox vulnerabilities2015-11-04

📄Research Papers

1
arXiv
Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities2020-08-17

💬Community

1
Bugzilla
CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)2015-11-03