Lucene search

K
cve[email protected]CVE-2015-7212
HistoryDec 16, 2015 - 11:59 a.m.

CVE-2015-7212

2015-12-1611:59:10
CWE-189
web.nvd.nist.gov
61
cve-2015-7212
integer overflow
mozilla
firefox
nvd
security vulnerability
code execution

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

92.0%

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.

Affected configurations

NVD
Node
fedoraprojectfedoraMatch22
OR
fedoraprojectfedoraMatch23
Node
opensuseleapMatch42.1
OR
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
Node
mozillafirefoxRange42.0
Node
mozillafirefox_esrMatch38.0
OR
mozillafirefox_esrMatch38.0.1
OR
mozillafirefox_esrMatch38.0.5
OR
mozillafirefox_esrMatch38.1.0
OR
mozillafirefox_esrMatch38.1.1
OR
mozillafirefox_esrMatch38.2.0
OR
mozillafirefox_esrMatch38.2.1
OR
mozillafirefox_esrMatch38.3.0
OR
mozillafirefox_esrMatch38.4.0

References

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

92.0%