7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.961 High
EPSS
Percentile
99.5%
The Mozilla Project reports:
MFSA-2015-30 Miscellaneous memory safety hazards (rv:37.0
/ rv:31.6)
MFSA-2015-31 Use-after-free when using the Fluendo MP3
GStreamer plugin
MFSA-2015-32 Add-on lightweight theme installation
approval bypassed through MITM attack
MFSA-2015-33 resource:// documents can load privileged
pages
MFSA-2015-34 Out of bounds read in QCMS library
MFSA-2015-35 Cursor clickjacking with flash and images
MFSA-2015-36 Incorrect memory management for simple-type
arrays in WebRTC
MFSA-2015-37 CORS requests should not follow 30x
redirections after preflight
MFSA-2015-38 Memory corruption crashes in Off Main Thread
Compositing
MFSA-2015-39 Use-after-free due to type confusion flaws
MFSA-2015-40 Same-origin bypass through anchor navigation
MFSA-2015-41 PRNG weakness allows for DNS poisoning on
Android
MFSA-2015-42 Windows can retain access to privileged
content on navigation to unprivileged pages
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 37.0,1 | UNKNOWN |
FreeBSD | any | noarch | firefox-esr | < 31.6.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 37.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.34 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 31.6.0 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.34 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 31.6.0 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 31.6.0 | UNKNOWN |
www.mozilla.org/security/advisories/
www.mozilla.org/security/advisories/mfsa2015-30/
www.mozilla.org/security/advisories/mfsa2015-31/
www.mozilla.org/security/advisories/mfsa2015-32/
www.mozilla.org/security/advisories/mfsa2015-33/
www.mozilla.org/security/advisories/mfsa2015-34/
www.mozilla.org/security/advisories/mfsa2015-35/
www.mozilla.org/security/advisories/mfsa2015-36/
www.mozilla.org/security/advisories/mfsa2015-37/
www.mozilla.org/security/advisories/mfsa2015-38/
www.mozilla.org/security/advisories/mfsa2015-39/
www.mozilla.org/security/advisories/mfsa2015-40/
www.mozilla.org/security/advisories/mfsa2015-41/
www.mozilla.org/security/advisories/mfsa2015-42/