CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.9%
The Mozilla Project reports:
MFSA 2015-133 NSS and NSPR memory corruption issues
MFSA 2015-132 Mixed content WebSocket policy bypass
through workers
MFSA 2015-131 Vulnerabilities found through code
inspection
MFSA 2015-130 JavaScript garbage collection crash with
Java applet
MFSA 2015-129 Certain escaped characters in host of
Location-header are being treated as non-escaped
MFSA 2015-128 Memory corruption in libjar through zip
files
MFSA 2015-127 CORS preflight is bypassed when
non-standard Content-Type headers are received
MFSA 2015-126 Crash when accessing HTML tables with
accessibility tools on OS X
MFSA 2015-125 XSS attack through intents on Firefox for
Android
MFSA 2015-124 Android intents can be used on Firefox for
Android to open privileged files
MFSA 2015-123 Buffer overflow during image interactions
in canvas
MFSA 2015-122 Trailing whitespace in IP address hostnames
can bypass same-origin policy
MFSA 2015-121 Disabling scripts in Add-on SDK panels has
no effect
MFSA 2015-120 Reading sensitive profile files through
local HTML file on Android
MFSA 2015-119 Firefox for Android addressbar can be
removed after fullscreen mode
MFSA 2015-118 CSP bypass due to permissive Reader mode
whitelist
MFSA 2015-117 Information disclosure through NTLM
authentication
MFSA 2015-116 Miscellaneous memory safety hazards
(rv:42.0 / rv:38.4)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | nspr | < 4.10.10 | UNKNOWN |
FreeBSD | any | noarch | linux-c6-nspr | < 4.10.10 | UNKNOWN |
FreeBSD | any | noarch | nss | = 3.20 | UNKNOWN |
FreeBSD | any | noarch | nss | < 3.20.1 | UNKNOWN |
FreeBSD | any | noarch | firefox | < 42.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 42.0,1 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.39 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.39 | UNKNOWN |
FreeBSD | any | noarch | firefox-esr | < 38.4.0,1 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 38.4.0 | UNKNOWN |
www.mozilla.org/security/advisories/mfsa2015-116/
www.mozilla.org/security/advisories/mfsa2015-117/
www.mozilla.org/security/advisories/mfsa2015-118/
www.mozilla.org/security/advisories/mfsa2015-119/
www.mozilla.org/security/advisories/mfsa2015-120/
www.mozilla.org/security/advisories/mfsa2015-121/
www.mozilla.org/security/advisories/mfsa2015-122/
www.mozilla.org/security/advisories/mfsa2015-123/
www.mozilla.org/security/advisories/mfsa2015-124/
www.mozilla.org/security/advisories/mfsa2015-125/
www.mozilla.org/security/advisories/mfsa2015-126/
www.mozilla.org/security/advisories/mfsa2015-127/
www.mozilla.org/security/advisories/mfsa2015-128/
www.mozilla.org/security/advisories/mfsa2015-129/
www.mozilla.org/security/advisories/mfsa2015-130/
www.mozilla.org/security/advisories/mfsa2015-131/
www.mozilla.org/security/advisories/mfsa2015-132/
www.mozilla.org/security/advisories/mfsa2015-133/
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.9%