Lucene search

[email protected]NVD:CVE-2015-7220

HistoryDec 16, 2015 - 11:59 a.m.

CVE-2015-7220

2015-12-1611:59:18

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

Affected configurations

NVD

Node

opensuseleapMatch42.1

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

mozillafirefoxRange≤42.0

Node

fedoraprojectfedoraMatch22

fedoraprojectfedoraMatch23

References

lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html

lists.opensuse.org/opensuse-updates/2015-12/msg00104.html

lists.opensuse.org/opensuse-updates/2016-02/msg00007.html

lists.opensuse.org/opensuse-updates/2016-02/msg00008.html

www.mozilla.org/security/announce/2015/mfsa2015-144.html

www.securityfocus.com/bid/79280

www.securitytracker.com/id/1034426

www.ubuntu.com/usn/USN-2833-1

bugzilla.mozilla.org/show_bug.cgi?id=1178033

hg.mozilla.org/mozilla-central/rev/e4b9e72f934f

security.gentoo.org/glsa/201512-10

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

Related for NVD:CVE-2015-7220

cve1 cvelist1 prion1 ubuntucve1 mozilla1 openvas6 nessus11 archlinux1 kaspersky1 mageia1 freebsd1 ubuntu1 gentoo1