Vulnerability Details : CVE-2015-2724
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2015-2724
- cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.7.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-2724
0.94%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-2724
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2015-2724
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-2724
-
http://www.debian.org/security/2015/dsa-3300
Debian -- Security Information -- DSA-3300-1 iceweasel
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
[security-announce] SUSE-SU-2015:1269-1: important: Security update forThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1207.html
RHSA-2015:1207 - Security Advisory - Red Hat Customer Portal
-
http://www.securitytracker.com/id/1032783
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Bypass Security Restrictions, and Gain Elevated Privileges - SecurityTracker
-
https://security.gentoo.org/glsa/201512-10
Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo security
-
http://www.securityfocus.com/bid/75541
Mozilla Firefox/Thunderbird Multiple Security Vulnerabilities
-
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Oracle Solaris Third Party Bulletin - October 2015Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
[security-announce] SUSE-SU-2015:1449-1: important: Security update for
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016Third Party Advisory
-
http://www.securitytracker.com/id/1032784
Mozilla Thunderbird Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Bypass Security Restrictions - SecurityTracker
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1164567
1164567 - Various consumers in the tree use nsIPrincipal off-main-threadIssue Tracking
-
http://www.ubuntu.com/usn/USN-2656-2
USN-2656-2: Firefox vulnerabilities | Ubuntu security notices
-
http://www.mozilla.org/security/announce/2015/mfsa2015-59.html
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1) — MozillaVendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1455.html
RHSA-2015:1455 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1160884
1160884 - Crash [@ js::str_split_string(JSContext*, JS::Handle<js::ObjectGroup*>, JS::Handle<JSString*>, JS::Handle<JSString*>) ]Issue Tracking
-
http://www.debian.org/security/2015/dsa-3324
Debian -- Security Information -- DSA-3324-1 icedoveThird Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1154876
1154876 - Flash calls PPluginModuleChild::SendSetCursor() off the main threadIssue Tracking
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
[security-announce] openSUSE-SU-2015:1266-1: important: Mozilla (Firefox
-
http://www.ubuntu.com/usn/USN-2656-1
USN-2656-1: Firefox vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
[security-announce] SUSE-SU-2015:1268-1: important: Security update forThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2673-1
USN-2673-1: Thunderbird vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
[security-announce] openSUSE-SU-2015:1229-1: important: Security update
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1143679
1143679 - Crash [@ js::UnwindIteratorForException] or Assertion failure: moreAllocations(), at jit/JitFrameIterator.h:454 or heap-use-after-free [@ js::jit::CompactBufferReader::readByte]Issue Tracking
Jump to