Mozilla » Firefox : Security Vulnerabilities, CVEs, Published In August 2015 (Denial of service)

CVE-2015-4489

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
Max CVSS
7.5
EPSS Score
3.07%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4487

The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
Max CVSS
7.5
EPSS Score
5.26%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4486

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.
Max CVSS
10.0
EPSS Score
1.77%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4484

The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.
Max CVSS
5.0
EPSS Score
4.86%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4482

mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.
Max CVSS
4.6
EPSS Score
0.06%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4475

The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
Max CVSS
7.5
EPSS Score
5.50%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4474

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
4.02%
Published
2015-08-16
Updated
2018-10-30

CVE-2015-4473

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
1.60%
Published
2015-08-16
Updated
2018-10-30
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close