Lucene search

[email protected]NVD:CVE-2015-4477

HistoryAug 16, 2015 - 1:59 a.m.

CVE-2015-4477

2015-08-1601:59:04

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.7

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.

Affected configurations

Nvd

Node

canonicalubuntu_linuxMatch12.04lts

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch15.04

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

mozillafirefoxRange≤39.0.3

References

lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

www.mozilla.org/security/announce/2015/mfsa2015-81.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securitytracker.com/id/1033247

www.ubuntu.com/usn/USN-2702-1

www.ubuntu.com/usn/USN-2702-2

www.ubuntu.com/usn/USN-2702-3

bugzilla.mozilla.org/show_bug.cgi?id=1179484

security.gentoo.org/glsa/201605-06

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.7

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

Related for NVD:CVE-2015-4477

cvelist1 openvas12 ubuntucve1 cve1 mozilla1 prion1 ubuntu3 nessus12 freebsd1 archlinux1 kaspersky1 suse4 ibm1 mageia2 securityvulns1 gentoo1