Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-0822

Published: 25/02/2015 Updated: 24/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Firefox

Vulnerability Summary

The Form Autocompletion feature in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to read arbitrary files via crafted JavaScript code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 32.0

mozilla firefox 31.1.0

mozilla firefox 3.6.4

mozilla firefox 3.6.3

mozilla firefox 3.6.22

mozilla firefox 3.6.21

mozilla firefox 3.6.14

mozilla firefox 3.6.13

mozilla firefox 3.5.7

mozilla firefox 3.5.6

mozilla firefox 3.5.17

mozilla firefox 3.5.16

mozilla firefox 3.5

mozilla firefox 3.0.9

mozilla firefox 3.0.2

mozilla firefox

mozilla firefox 3.6.9

mozilla firefox 3.6.8

mozilla firefox 3.6.26

mozilla firefox 3.6.25

mozilla firefox 3.6.18

mozilla firefox 3.6.17

mozilla firefox 3.6.10

mozilla firefox 3.6

mozilla firefox 3.5.3

mozilla firefox 3.5.2

mozilla firefox 3.5.12

mozilla firefox 3.5.11

mozilla firefox 3.0.6

mozilla firefox 3.0.5

mozilla firefox 3.0.16

mozilla firefox 3.0.15

mozilla firefox 29.0.1

mozilla firefox 29.0

mozilla firefox 24.1.1

mozilla firefox 24.1

mozilla firefox 20.0

mozilla firefox 2.0.0.9

mozilla firefox 2.0.0.2

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.11

mozilla firefox 18.0.2

mozilla firefox 18.0.1

mozilla firefox 18.0

mozilla firefox 17.0.3

mozilla firefox 17.0.2

mozilla firefox 16.0

mozilla firefox 15.0.1

mozilla firefox 11.0

mozilla firefox 10.0.9

mozilla firefox 10.0.2

mozilla firefox 10.0.12

mozilla firefox 4.0

mozilla firefox 7.0

mozilla firefox 7.0.1

mozilla firefox 1.5.7

mozilla firefox 1.5.6

mozilla firefox 1.5.0.7

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.10

mozilla firefox 1.5.0.1

mozilla firefox 1.0.6

mozilla firefox 1.0.5

mozilla firefox 0.9.2

mozilla firefox 0.9.1

mozilla firefox 0.6

mozilla firefox 0.5

mozilla firefox 3.0.19

mozilla firefox 3.0.12

mozilla firefox 3.0.11

mozilla firefox 3.0.10

mozilla firefox 27.0

mozilla firefox 26.0

mozilla firefox 23.0

mozilla firefox 22.0

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.4

mozilla firefox 2.0.0.16

mozilla firefox 2.0.0.15

mozilla firefox 2.0

mozilla firefox 19.0.2

mozilla firefox 17.0.7

mozilla firefox 17.0.6

mozilla firefox 17.0.1

mozilla firefox 17.0

mozilla firefox 14.0

mozilla firefox 13.0.1

mozilla firefox 10.0.6

mozilla firefox 10.0.5

mozilla firefox 10.0.1

mozilla firefox 10.0

mozilla firefox 5.0.1

mozilla firefox 6.0

mozilla firefox 9.0

mozilla firefox 9.0.1

mozilla firefox 1.5.3

mozilla firefox 1.5.2

mozilla firefox 1.5.1

mozilla firefox 1.5.0.3

mozilla firefox 1.5.0.2

mozilla firefox 1.5

mozilla firefox 1.4.1

mozilla firefox 1.0.1

mozilla firefox 1.0

mozilla firefox 0.8

mozilla firefox 0.7.1

mozilla firefox 0.2

mozilla firefox 0.10.1

mozilla firefox 31.0

mozilla firefox 30.0

mozilla firefox 3.6.28

mozilla firefox 3.6.27

mozilla firefox 3.6.20

mozilla firefox 3.6.2

mozilla firefox 3.6.19

mozilla firefox 3.6.12

mozilla firefox 3.6.11

mozilla firefox 3.5.5

mozilla firefox 3.5.4

mozilla firefox 3.5.15

mozilla firefox 3.5.14

mozilla firefox 3.5.13

mozilla firefox 3.0.8

mozilla firefox 3.0.7

mozilla firefox 3.0.18

mozilla firefox 3.0.17

mozilla firefox 3.0.1

mozilla firefox 3.0

mozilla firefox 25.0.1

mozilla firefox 25.0

mozilla firefox 21.0

mozilla firefox 20.0.1

mozilla firefox 2.0.0.3

mozilla firefox 2.0.0.20

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.13

mozilla firefox 19.0.1

mozilla firefox 19.0

mozilla firefox 17.0.5

mozilla firefox 17.0.4

mozilla firefox 16.0.2

mozilla firefox 16.0.1

mozilla firefox 13.0

mozilla firefox 12.0

mozilla firefox 10.0.4

mozilla firefox 10.0.3

mozilla firefox 6.0.1

mozilla firefox 6.0.2

mozilla firefox 1.8

mozilla firefox 1.5.8

mozilla firefox 1.5.0.9

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.11

mozilla firefox 1.0.8

mozilla firefox 1.0.7

mozilla firefox 0.9.3

mozilla firefox 0.7

mozilla firefox 0.6.1

mozilla firefox 0.10

mozilla firefox 0.1

mozilla firefox 34.0.5

mozilla firefox 33.0

mozilla firefox 3.6.7

mozilla firefox 3.6.6

mozilla firefox 3.6.24

mozilla firefox 3.6.23

mozilla firefox 3.6.16

mozilla firefox 3.6.15

mozilla firefox 3.5.9

mozilla firefox 3.5.8

mozilla firefox 3.5.19

mozilla firefox 3.5.18

mozilla firefox 3.5.10

mozilla firefox 3.5.1

mozilla firefox 3.0.4

mozilla firefox 3.0.3

mozilla firefox 3.0.14

mozilla firefox 3.0.13

mozilla firefox 28.0

mozilla firefox 27.0.1

mozilla firefox 24.0

mozilla firefox 23.0.1

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.7

mozilla firefox 2.0.0.6

mozilla firefox 2.0.0.18

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.1

mozilla firefox 17.0.9

mozilla firefox 17.0.8

mozilla firefox 17.0.11

mozilla firefox 17.0.10

mozilla firefox 15.0

mozilla firefox 14.0.1

mozilla firefox 10.0.8

mozilla firefox 10.0.7

mozilla firefox 10.0.11

mozilla firefox 10.0.10

mozilla firefox 4.0.1

mozilla firefox 5.0

mozilla firefox 8.0

mozilla firefox 8.0.1

mozilla firefox 1.5.5

mozilla firefox 1.5.4

mozilla firefox 1.5.0.5

mozilla firefox 1.5.0.4

mozilla firefox 1.0.4

mozilla firefox 1.0.3

mozilla firefox 1.0.2

mozilla firefox 0.9

mozilla firefox 0.4

mozilla firefox 0.3

mozilla thunderbird

mozilla thunderbird 31.3

mozilla thunderbird 31.0

mozilla thunderbird 31.2

mozilla thunderbird 31.1.2

mozilla firefox esr 31.1.1

mozilla firefox esr 31.2

mozilla firefox esr 31.5

mozilla firefox esr 31.0

mozilla firefox esr 31.1

mozilla firefox esr 31.3

mozilla firefox esr 31.4

Vendor Advisories

Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5, 6 and 7Red Hat Product Security has rated this update as having Critical securityimpact Common Vulnerabilit ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An updated thunderbird package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 5 and 6Red Hat Product Security has rated this update as having Important securityimpact Common V ...
Debian Security Advisories: DSA-3174-1 iceweasel -- security update
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure For the stable distribution (wheezy), these problems have been fixed in version 3150esr-1~deb7u1 For the unstabl ...
Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Ubuntu Security Notice: firefox regression
USN-2505-1 introduced a regression in Firefox ...
Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Mozilla: Reading of local files through manipulation of form autocomplete
Mozilla Foundation Security Advisory 2015-24 Reading of local files through manipulation of form autocomplete Announced February 24, 2015 Reporter Armin Razmdjou Impact High Products Firefox, Firefox ESR, Firefox OS, SeaMonke ...

References

CWE-200https://bugzilla.mozilla.org/show_bug.cgi?id=1110557http://www.mozilla.org/security/announce/2015/mfsa2015-24.htmlhttp://www.securitytracker.com/id/1031791http://www.securitytracker.com/id/1031792http://www.securityfocus.com/bid/72756http://rhn.redhat.com/errata/RHSA-2015-0265.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0266.htmlhttp://www.debian.org/security/2015/dsa-3174http://www.ubuntu.com/usn/USN-2505-1http://www.ubuntu.com/usn/USN-2506-1http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.htmlhttp://www.debian.org/security/2015/dsa-3179http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0642.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.htmlhttp://lists.opensuse.org/opensuse-updates/2015-03/msg00067.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlhttps://security.gentoo.org/glsa/201504-01http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlhttps://access.redhat.com/errata/RHSA-2015:0265https://nvd.nist.govhttps://usn.ubuntu.com/2506-1/https://www.debian.org/security/./dsa-3174
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook