Published: 06/07/2015 Updated: 12/09/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 39.0, Firefox ESR 31.x prior to 31.8 and 38.x prior to 38.1, and Thunderbird prior to 38.1 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle solaris 11.3
mozilla firefox esr 38.0
mozilla firefox esr 31.1
mozilla firefox esr 31.3.0
mozilla firefox esr 31.1.1
mozilla firefox esr 31.7.0
mozilla firefox esr 31.5
mozilla firefox esr 31.6.0
mozilla firefox esr 31.3
mozilla firefox esr 31.5.3
mozilla firefox esr 31.5.1
mozilla firefox esr 31.1.0
mozilla firefox esr 31.2
mozilla firefox esr 31.4
mozilla firefox esr 31.0
mozilla firefox esr 31.5.2
canonical ubuntu linux 12.04
novell suse linux enterprise server 12.0
novell suse linux enterprise server 11
debian debian linux 8.0
debian debian linux 7.0
canonical ubuntu linux 14.10
canonical ubuntu linux 14.04
novell suse linux enterprise desktop 12.0
canonical ubuntu linux 15.04
novell suse linux enterprise software development kit 12.0
mozilla thunderbird
mozilla firefox

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service This update also addresses a vulnerability in DHE key processing commonly known as the LogJam vul ...

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2015-59 Miscellaneous memory safety hazards (rv:390 / rv:318 / rv:381) Announced July 2, 2015 Reporter Mozilla Developers Impact Critical Products Firefox, Firefox ESR, Firefox OS, Sea ...

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 390, Firefox ESR 31x before 318 and 38x before 381, and Thunderbird before 381 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors ...

CWE-119 https://bugzilla.mozilla.org/show_bug.cgi?id=1143679 http://www.mozilla.org/security/announce/2015/mfsa2015-59.html https://bugzilla.mozilla.org/show_bug.cgi?id=1164567 https://bugzilla.mozilla.org/show_bug.cgi?id=1154876 https://bugzilla.mozilla.org/show_bug.cgi?id=1160884 http://www.debian.org/security/2015/dsa-3324 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html http://www.ubuntu.com/usn/USN-2673-1 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75541 https://security.gentoo.org/glsa/201512-10 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://rhn.redhat.com/errata/RHSA-2015-1455.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2656-2 http://www.ubuntu.com/usn/USN-2656-1 http://www.securitytracker.com/id/1032784 http://www.securitytracker.com/id/1032783 http://www.debian.org/security/2015/dsa-3300 http://rhn.redhat.com/errata/RHSA-2015-1207.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html https://nvd.nist.gov https://www.debian.org/security/./dsa-3300 https://usn.ubuntu.com/2656-1/https://access.redhat.com/security/cve/cve-2015-2724

CVE-2015-2724

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect