Lucene search
Mozilla FoundationMFSA2015-19HistoryFeb 24, 2015 - 12:00 a.m.
Out-of-bounds read and write while rendering SVG content — Mozilla
2015-02-2400:00:00
Mozilla Foundation
www.mozilla.org
31
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
77.9%
Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to report an out-of-bounds read and an out-of-bounds write when rendering an improperly formatted SVG graphic. This could potentially allow the attacker to read uninitialized memory.
Affected configurations
Node
mozillafirefoxRange<36
ORmozillafirefox_esrRange<31.5
ORmozillafirefox_osRange<2.2
ORmozillaseamonkeyRange<2.33
ORmozillathunderbirdRange<31.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | firefox_os | * | cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:* |
| mozilla | seamonkey | * | cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0827
2015-02-25 11:00:00
prion
prion
Heap overflow
2015-02-25 11:59:00
cve
cve
CVE-2015-0827
2015-02-25 11:59:08
veracode
veracode
Information Disclosure
2019-05-02 05:12:31
ubuntucve
ubuntucve
CVE-2015-0827
2015-02-25 00:00:00
nvd
nvd
CVE-2015-0827
2015-02-25 11:59:08
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-19) - Linux
2021-11-11 00:00:00
Debian: Security Advisory (DSA-3179-1)
2015-03-02 00:00:00
Debian Security Advisory DSA 3179-1 (icedove - security update)
2015-03-03 00:00:00
nessus
nessus
CentOS 5 / 6 / 7 : firefox (CESA-2015:0265)
2015-02-25 00:00:00
Oracle Linux 7 : thunderbird (ELSA-2015-0642)
2015-03-13 00:00:00
redhat
redhat
(RHSA-2015:0642) Important: thunderbird security update
2015-03-05 00:00:00
(RHSA-2015:0629) Critical: firefox security update
2015-03-05 13:49:00
(RHSA-2015:0266) Important: thunderbird security update
2015-02-25 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-02-25 00:00:00
thunderbird security update
2015-02-25 00:00:00
thunderbird security update
2015-03-12 00:00:00
osv
osv
iceweasel - security update
2015-02-25 00:00:00
icedove - security update
2015-03-03 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-03-03 00:00:00
Firefox regression
2015-03-09 00:00:00
Firefox vulnerabilities
2015-02-25 00:00:00
debian
debian
[SECURITY] [DSA 3179-1] icedove security update
2015-03-03 21:37:56
[SECURITY] [DSA 3174-1] iceweasel security update
2015-02-25 18:52:05
centos
centos
thunderbird security update
2015-03-19 19:31:21
firefox, xulrunner security update
2015-02-25 03:04:39
thunderbird security update
2015-02-25 20:08:47
mageia
mageia
Updated firefox and thunderbird packages fix security vulnerabilities
2015-02-26 11:26:53
Updated iceape packages fix security vulnerabilities
2015-04-03 16:11:23
suse
suse
Security update for MozillaThunderbird (important)
2015-03-07 11:04:50
Security update for Mozilla Firefox (important)
2015-03-07 01:05:04
Security update for Mozilla Firefox (important)
2015-03-07 00:04:56
archlinux
archlinux
thunderbird: multiple issues
2015-02-25 00:00:00
firefox: multiple issues
2015-02-25 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-02-24 00:00:00
kaspersky
kaspersky
KLA10464 Multiple vulnerabilities in Mozilla products
2015-02-24 00:00:00
ibm
ibm
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-03-22 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
77.9%
Related for MFSA2015-19