6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.7 High
AI Score
Confidence
High
0.051 Low
EPSS
Percentile
93.0%
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
rhn.redhat.com/errata/RHSA-2015-0988.html
rhn.redhat.com/errata/RHSA-2015-1012.html
www.debian.org/security/2015/dsa-3260
www.debian.org/security/2015/dsa-3264
www.mozilla.org/security/announce/2015/mfsa2015-48.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securityfocus.com/bid/74611
www.ubuntu.com/usn/USN-2602-1
www.ubuntu.com/usn/USN-2603-1
bugzilla.mozilla.org/show_bug.cgi?id=1149542
security.gentoo.org/glsa/201605-06
www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7