Vulnerability Details : CVE-2015-4513
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-4513
Probability of exploitation activity in the next 30 days: 8.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-4513
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2015-4513
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4513
-
http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
openSUSE-SU-2015:2229-1: moderate: Security update for MozillaThunderbir
-
http://rhn.redhat.com/errata/RHSA-2015-2519.html
RHSA-2015:2519 - Security Advisory - Red Hat Customer Portal
-
http://www.ubuntu.com/usn/USN-2785-1
USN-2785-1: Firefox vulnerabilities | Ubuntu security notices
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1213979
1213979 - Heap-use-after-free [@ mozilla::net::Http2Stream::AdjustInitialWindow]
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1206564
1206564 - crash from spinning event loop during resize paint
-
https://security.gentoo.org/glsa/201512-10
Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo security
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
[security-announce] SUSE-SU-2015:1981-1: important: Security update for
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1204700
1204700 - Assertion failure: !has(reg), at jit/RegisterSets.h
-
http://www.securityfocus.com/bid/77411
Mozilla Firefox Multiple Security Vulnerabilities
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1208665
1208665 - TempAllocPolicy::pod_* suffer from integer overflow issues
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016
-
http://www.debian.org/security/2015/dsa-3393
Debian -- Security Information -- DSA-3393-1 iceweasel
-
http://rhn.redhat.com/errata/RHSA-2015-1982.html
RHSA-2015:1982 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2015/dsa-3410
Debian -- Security Information -- DSA-3410-1 icedove
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1205707
1205707 - Assertion failure: this->is<T>(), at js/src/jsobj.h:553
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1209471
1209471 - Assertion failure: MIR instruction returned object with unexpected type, at js/src/jit/MacroAssembler.cpp:1531
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1193038
1193038 - UAF in Telemetry::Accumulate(); code appears to not be thread-safe
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1204580
1204580 - Stagefright: crash [@stagefright::SampleTable::setCompositionTimeToSampleParams]
-
http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
openSUSE-SU-2015:2245-1: moderate: Security update for Mozilla Thunderbi
-
http://www.ubuntu.com/usn/USN-2819-1
USN-2819-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://www.securitytracker.com/id/1034069
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Bypass Security Restrictions, and Conduct Cross-Site Scripting Attacks - SecurityTrack
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
[security-announce] SUSE-SU-2015:1926-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
[security-announce] openSUSE-SU-2015:1942-1: important: Security update
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1191942
1191942 - crash in nsCOMPtr<T>::nsCOMPtr<T>(nsIVariant*) | nsTArray_Impl<T>::AppendElement<T>(nsIDocument*&)
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1107011
1107011 - Crash in js::jit::LiveInterval::addRangeAtHead
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1204669
1204669 - nsXBLService::GetBinding is still crashing
-
http://www.mozilla.org/security/announce/2015/mfsa2015-116.html
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) — MozillaVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
[security-announce] SUSE-SU-2015:2081-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
[security-announce] SUSE-SU-2015:1978-1: important: Security update for
Products affected by CVE-2015-4513
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*