Lucene search
Mozilla FoundationMFSA2015-16HistoryFeb 24, 2015 - 12:00 a.m.
Use-after-free in IndexedDB — Mozilla
2015-02-2400:00:00
Mozilla Foundation
www.mozilla.org
38
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.031
Percentile
91.1%
Security researcher Paul Bandha used the used the Address Sanitizer tool to discover a use-after-free vulnerability when running specific web content with IndexedDB to create an index. This leads to a potentially exploitable crash.
Affected configurations
Node
mozillafirefoxRange<36
ORmozillafirefox_esrRange<31.5
ORmozillafirefox_osRange<2.2
ORmozillaseamonkeyRange<2.33
ORmozillathunderbirdRange<31.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | firefox_os | * | cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:* |
| mozilla | seamonkey | * | cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-0831
2015-02-25 11:59:11
prion
prion
Design/Logic Flaw
2015-02-25 11:59:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:12:32
ubuntucve
ubuntucve
CVE-2015-0831
2015-02-25 00:00:00
nvd
nvd
CVE-2015-0831
2015-02-25 11:59:11
cvelist
cvelist
CVE-2015-0831
2015-02-25 11:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-16) - Linux
2021-11-11 00:00:00
Oracle: Security Advisory (ELSA-2015-0642)
2015-10-06 00:00:00
Ubuntu: Security Advisory (USN-2506-1)
2015-03-04 00:00:00
debian
debian
[SECURITY] [DSA 3179-1] icedove security update
2015-03-03 21:37:56
[SECURITY] [DSA 3174-1] iceweasel security update
2015-02-25 18:52:05
osv
osv
icedove - security update
2015-03-03 00:00:00
iceweasel - security update
2015-02-25 00:00:00
centos
centos
thunderbird security update
2015-03-19 19:31:21
firefox, xulrunner security update
2015-02-25 03:04:39
thunderbird security update
2015-02-25 20:08:47
oraclelinux
oraclelinux
thunderbird security update
2015-03-12 00:00:00
thunderbird security update
2015-02-25 00:00:00
firefox security update
2015-02-25 00:00:00
nessus
nessus
Debian DSA-3174-1 : iceweasel - security update
2015-02-26 00:00:00
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20150225)
2015-02-26 00:00:00
RHEL 5 / 6 / 7 : firefox (RHSA-2015:0265)
2015-02-25 00:00:00
mageia
mageia
Updated firefox and thunderbird packages fix security vulnerabilities
2015-02-26 11:26:53
Updated iceape packages fix security vulnerabilities
2015-04-03 16:11:23
redhat
redhat
(RHSA-2015:0266) Important: thunderbird security update
2015-02-25 00:00:00
(RHSA-2015:0642) Important: thunderbird security update
2015-03-05 00:00:00
(RHSA-2015:0629) Critical: firefox security update
2015-03-05 13:49:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-03-03 00:00:00
Firefox regression
2015-03-09 00:00:00
Firefox vulnerabilities
2015-02-25 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2015-03-07 11:04:50
Security update for Mozilla Firefox (important)
2015-03-07 01:05:04
Security update for Mozilla Firefox (important)
2015-03-07 00:04:56
archlinux
archlinux
thunderbird: multiple issues
2015-02-25 00:00:00
firefox: multiple issues
2015-02-25 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-02-24 00:00:00
kaspersky
kaspersky
KLA10464 Multiple vulnerabilities in Mozilla products
2015-02-24 00:00:00
ibm
ibm
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-03-22 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.031
Percentile
91.1%
Related for MFSA2015-16