7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.066 Low
EPSS
Percentile
93.8%
The Mozilla Project reports:
MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0
/ rv:31.5)
MFSA-2015-12 Invoking Mozilla updater will load locally
stored DLL files
MFSA-2015-13 Appended period to hostnames can bypass HPKP
and HSTS protections
MFSA-2015-14 Malicious WebGL content crash when writing
strings
MFSA-2015-15 TLS TURN and STUN connections silently fail
to simple TCP connections
MFSA-2015-16 Use-after-free in IndexedDB
MFSA-2015-17 Buffer overflow in libstagefright during MP4
video playback
MFSA-2015-18 Double-free when using non-default memory
allocators with a zero-length XHR
MFSA-2015-19 Out-of-bounds read and write while rendering
SVG content
MFSA-2015-20 Buffer overflow during CSS restyling
MFSA-2015-21 Buffer underflow during MP3 playback
MFSA-2015-22 Crash using DrawTarget in Cairo graphics
library
MFSA-2015-23 Use-after-free in Developer Console date
with OpenType Sanitiser
MFSA-2015-24 Reading of local files through manipulation
of form autocomplete
MFSA-2015-25 Local files or privileged URLs in pages can
be opened into new tabs
MFSA-2015-26 UI Tour whitelisted sites in background tab
can spoof foreground tabs
MFSA-2015-27 Caja Compiler JavaScript sandbox bypass
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 36.0,1 | UNKNOWN |
FreeBSD | any | noarch | firefox-esr | < 31.5.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 36.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.33 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 31.5.0 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.33 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 31.5.0 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 31.5.0 | UNKNOWN |
www.mozilla.org/security/advisories/
www.mozilla.org/security/advisories/mfsa2015-11/
www.mozilla.org/security/advisories/mfsa2015-12/
www.mozilla.org/security/advisories/mfsa2015-13/
www.mozilla.org/security/advisories/mfsa2015-14/
www.mozilla.org/security/advisories/mfsa2015-15/
www.mozilla.org/security/advisories/mfsa2015-16/
www.mozilla.org/security/advisories/mfsa2015-17/
www.mozilla.org/security/advisories/mfsa2015-18/
www.mozilla.org/security/advisories/mfsa2015-19/
www.mozilla.org/security/advisories/mfsa2015-20/
www.mozilla.org/security/advisories/mfsa2015-21/
www.mozilla.org/security/advisories/mfsa2015-22/
www.mozilla.org/security/advisories/mfsa2015-23/
www.mozilla.org/security/advisories/mfsa2015-24/
www.mozilla.org/security/advisories/mfsa2015-25/
www.mozilla.org/security/advisories/mfsa2015-26/
www.mozilla.org/security/advisories/mfsa2015-27/