Lucene search

[email protected]NVD:CVE-2015-0828

HistoryFeb 25, 2015 - 11:59 a.m.

CVE-2015-0828

2015-02-2511:59:08

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.

Affected configurations

NVD

Node

oraclesolarisMatch11.3

Node

mozillafirefoxRange≤35.0.1

mozillafirefoxMatch0.1

mozillafirefoxMatch0.2

mozillafirefoxMatch0.3

mozillafirefoxMatch0.4

mozillafirefoxMatch0.5

mozillafirefoxMatch0.6

mozillafirefoxMatch0.6.1

mozillafirefoxMatch0.7

mozillafirefoxMatch0.7.1

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0preview_release

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillafirefoxMatch1.0.5

mozillafirefoxMatch1.0.6

mozillafirefoxMatch1.0.7

mozillafirefoxMatch1.0.8

mozillafirefoxMatch1.4.1

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch1.5.0.9

mozillafirefoxMatch1.5.0.10

mozillafirefoxMatch1.5.0.11

mozillafirefoxMatch1.5.0.12

mozillafirefoxMatch1.5.1

mozillafirefoxMatch1.5.2

mozillafirefoxMatch1.5.3

mozillafirefoxMatch1.5.4

mozillafirefoxMatch1.5.5

mozillafirefoxMatch1.5.6

mozillafirefoxMatch1.5.7

mozillafirefoxMatch1.5.8

mozillafirefoxMatch1.8

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillafirefoxMatch2.0.0.14

mozillafirefoxMatch2.0.0.15

mozillafirefoxMatch2.0.0.16

mozillafirefoxMatch2.0.0.17

mozillafirefoxMatch2.0.0.18

mozillafirefoxMatch2.0.0.19

mozillafirefoxMatch2.0.0.20

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.0.15

mozillafirefoxMatch3.0.16

mozillafirefoxMatch3.0.17

mozillafirefoxMatch3.0.18

mozillafirefoxMatch3.0.19

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillafirefoxMatch3.5.4

mozillafirefoxMatch3.5.5

mozillafirefoxMatch3.5.6

mozillafirefoxMatch3.5.7

mozillafirefoxMatch3.5.8

mozillafirefoxMatch3.5.9

mozillafirefoxMatch3.5.10

mozillafirefoxMatch3.5.11

mozillafirefoxMatch3.5.12

mozillafirefoxMatch3.5.13

mozillafirefoxMatch3.5.14

mozillafirefoxMatch3.5.15

mozillafirefoxMatch3.5.16

mozillafirefoxMatch3.5.17

mozillafirefoxMatch3.5.18

mozillafirefoxMatch3.5.19

mozillafirefoxMatch3.6

mozillafirefoxMatch3.6.2

mozillafirefoxMatch3.6.3

mozillafirefoxMatch3.6.4

mozillafirefoxMatch3.6.6

mozillafirefoxMatch3.6.7

mozillafirefoxMatch3.6.8

mozillafirefoxMatch3.6.9

mozillafirefoxMatch3.6.10

mozillafirefoxMatch3.6.11

mozillafirefoxMatch3.6.12

mozillafirefoxMatch3.6.13

mozillafirefoxMatch3.6.14

mozillafirefoxMatch3.6.15

mozillafirefoxMatch3.6.16

mozillafirefoxMatch3.6.17

mozillafirefoxMatch3.6.18

mozillafirefoxMatch3.6.19

mozillafirefoxMatch3.6.20

mozillafirefoxMatch3.6.21

mozillafirefoxMatch3.6.22

mozillafirefoxMatch3.6.23

mozillafirefoxMatch3.6.24

mozillafirefoxMatch3.6.25

mozillafirefoxMatch3.6.26

mozillafirefoxMatch3.6.27

mozillafirefoxMatch3.6.28

mozillafirefoxMatch4.0

mozillafirefoxMatch4.0beta1

mozillafirefoxMatch4.0beta10

mozillafirefoxMatch4.0beta11

mozillafirefoxMatch4.0beta12

mozillafirefoxMatch4.0beta2

mozillafirefoxMatch4.0beta3

mozillafirefoxMatch4.0beta4

mozillafirefoxMatch4.0beta5

mozillafirefoxMatch4.0beta6

mozillafirefoxMatch4.0beta7

mozillafirefoxMatch4.0beta8

mozillafirefoxMatch4.0beta9

mozillafirefoxMatch4.0.1

mozillafirefoxMatch5.0

mozillafirefoxMatch5.0.1

mozillafirefoxMatch6.0

mozillafirefoxMatch6.0.1

mozillafirefoxMatch6.0.2

mozillafirefoxMatch7.0

mozillafirefoxMatch7.0.1

mozillafirefoxMatch8.0

mozillafirefoxMatch8.0.1

mozillafirefoxMatch9.0

mozillafirefoxMatch9.0.1

mozillafirefoxMatch10.0

mozillafirefoxMatch10.0.1

mozillafirefoxMatch10.0.2

mozillafirefoxMatch10.0.3

mozillafirefoxMatch10.0.4

mozillafirefoxMatch10.0.5

mozillafirefoxMatch10.0.6

mozillafirefoxMatch10.0.7

mozillafirefoxMatch10.0.8

mozillafirefoxMatch10.0.9

mozillafirefoxMatch10.0.10

mozillafirefoxMatch10.0.11

mozillafirefoxMatch10.0.12

mozillafirefoxMatch11.0

mozillafirefoxMatch12.0

mozillafirefoxMatch12.0beta6

mozillafirefoxMatch13.0

mozillafirefoxMatch13.0.1

mozillafirefoxMatch14.0

mozillafirefoxMatch14.0.1

mozillafirefoxMatch15.0

mozillafirefoxMatch15.0.1

mozillafirefoxMatch16.0

mozillafirefoxMatch16.0.1

mozillafirefoxMatch16.0.2

mozillafirefoxMatch17.0

mozillafirefoxMatch17.0.1

mozillafirefoxMatch17.0.2

mozillafirefoxMatch17.0.3

mozillafirefoxMatch17.0.4

mozillafirefoxMatch17.0.5

mozillafirefoxMatch17.0.6

mozillafirefoxMatch17.0.7

mozillafirefoxMatch17.0.8

mozillafirefoxMatch17.0.9

mozillafirefoxMatch17.0.10

mozillafirefoxMatch17.0.11

mozillafirefoxMatch18.0

mozillafirefoxMatch18.0.1

mozillafirefoxMatch18.0.2

mozillafirefoxMatch19.0

mozillafirefoxMatch19.0.1

mozillafirefoxMatch19.0.2

mozillafirefoxMatch20.0

mozillafirefoxMatch20.0.1

mozillafirefoxMatch21.0

mozillafirefoxMatch22.0

mozillafirefoxMatch23.0

mozillafirefoxMatch23.0.1

mozillafirefoxMatch24.0

mozillafirefoxMatch24.1

mozillafirefoxMatch24.1.1

mozillafirefoxMatch25.0

mozillafirefoxMatch25.0.1

mozillafirefoxMatch26.0

mozillafirefoxMatch27.0

mozillafirefoxMatch27.0.1

mozillafirefoxMatch28.0

mozillafirefoxMatch29.0

mozillafirefoxMatch29.0.1

mozillafirefoxMatch30.0

mozillafirefoxMatch31.0

mozillafirefoxMatch31.1.0

mozillafirefoxMatch32.0

mozillafirefoxMatch33.0

mozillafirefoxMatch34.0.5

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

References

lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html

lists.opensuse.org/opensuse-updates/2015-03/msg00067.html

www.mozilla.org/security/announce/2015/mfsa2015-18.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/72744

www.securitytracker.com/id/1031791

bugzilla.mozilla.org/show_bug.cgi?id=1030667

bugzilla.mozilla.org/show_bug.cgi?id=988675

security.gentoo.org/glsa/201504-01

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for NVD:CVE-2015-0828

cvelist1 mozilla1 openvas6 cve1 ubuntucve1 prion1 mageia1 nessus8 freebsd1 kaspersky1 suse1 securityvulns1 gentoo1