CVE-2015-4473

Published Aug 16, 2015

Last updated 19 days ago

CVSS info 10.0

Overview

Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Source: security@mozilla.org
NVD status: Modified
Products: ubuntu_linux, debian_linux, opensuse, firefox

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
            "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
            "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "40AB4FC4-00EA-4C4E-81D8-170BD068B28B",
            "versionEndIncluding": "39.0.3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "35BF0AFB-26BA-4BEA-B6B8-11CF88E951DE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "1F007CC6-9391-4E1C-A747-F3DE5E572FA5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "45E9641F-430C-4B3A-BD63-EC13DBD3D1E4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

Related CVEs

References