Published: 06/07/2015 Updated: 12/09/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 39.0, Firefox ESR 38.x prior to 38.1, and Thunderbird prior to 38.1 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell suse linux enterprise server 12.0
novell suse linux enterprise server 11
novell suse linux enterprise desktop 12.0
novell suse linux enterprise software development kit 12.0
oracle solaris 11.3
mozilla firefox esr 38.0
mozilla firefox esr 31.1
mozilla firefox esr 31.3.0
mozilla firefox esr 31.1.1
mozilla firefox esr 31.7.0
mozilla firefox esr 31.5
mozilla firefox esr 31.6.0
mozilla firefox esr 31.3
mozilla firefox esr 31.5.3
mozilla firefox esr 31.5.1
mozilla firefox esr 31.1.0
mozilla firefox esr 31.2
mozilla firefox esr 31.4
mozilla firefox esr 31.0
mozilla firefox esr 31.5.2
mozilla firefox
mozilla thunderbird

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Mozilla Foundation Security Advisory 2015-59 Miscellaneous memory safety hazards (rv:390 / rv:318 / rv:381) Announced July 2, 2015 Reporter Mozilla Developers Impact Critical Products Firefox, Firefox ESR, Firefox OS, Sea ...

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 390, Firefox ESR 38x before 381, and Thunderbird before 381 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors ...

CWE-119 https://bugzilla.mozilla.org/show_bug.cgi?id=1172076 https://bugzilla.mozilla.org/show_bug.cgi?id=1156861 http://www.mozilla.org/security/announce/2015/mfsa2015-59.html https://bugzilla.mozilla.org/show_bug.cgi?id=1056410 https://bugzilla.mozilla.org/show_bug.cgi?id=1159973 https://bugzilla.mozilla.org/show_bug.cgi?id=1163359 https://bugzilla.mozilla.org/show_bug.cgi?id=1172397 https://bugzilla.mozilla.org/show_bug.cgi?id=1151650 https://bugzilla.mozilla.org/show_bug.cgi?id=1159321 https://bugzilla.mozilla.org/show_bug.cgi?id=1163852 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75541 https://security.gentoo.org/glsa/201512-10 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://rhn.redhat.com/errata/RHSA-2015-1455.html http://www.ubuntu.com/usn/USN-2656-2 http://www.ubuntu.com/usn/USN-2656-1 http://www.securitytracker.com/id/1032784 http://www.securitytracker.com/id/1032783 http://rhn.redhat.com/errata/RHSA-2015-1207.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html https://nvd.nist.gov https://usn.ubuntu.com/2656-1/https://access.redhat.com/security/cve/cve-2015-2725

CVE-2015-2725

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect