5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
64.8%
Security research Nicolas Grégoire used the Address Sanitizer tool to discover an out-of-bounds read in the format-number feature of XSLT, which can cause inaccurate formatting of numbers and information leakage. This is not directly exploitable.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 15 | |
firefox esr | lt | 10.0.7 | |
seamonkey | lt | 2.12 | |
thunderbird | lt | 15 | |
thunderbird esr | lt | 10.0.7 |