Lucene search

K

[email protected]NVD:CVE-2015-7203

HistoryDec 16, 2015 - 11:59 a.m.

CVE-2015-7203

2015-12-1611:59:02

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.4%

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.

Affected configurations

NVD

Node

mozillafirefoxRange≤42.0

Node

fedoraprojectfedoraMatch22

OR

fedoraprojectfedoraMatch23

Node

opensuseleapMatch42.1

OR

opensuseopensuseMatch13.1

OR

opensuseopensuseMatch13.2

References

lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html

lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html

lists.opensuse.org/opensuse-updates/2015-12/msg00104.html

lists.opensuse.org/opensuse-updates/2016-02/msg00007.html

lists.opensuse.org/opensuse-updates/2016-02/msg00008.html

www.mozilla.org/security/announce/2015/mfsa2015-144.html

www.securityfocus.com/bid/79280

www.securitytracker.com/id/1034426

www.ubuntu.com/usn/USN-2833-1

bugzilla.mozilla.org/show_bug.cgi?id=1201183

hg.mozilla.org/mozilla-central/rev/e1bcc04808cc

security.gentoo.org/glsa/201512-10

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.4%

Related for NVD:CVE-2015-7203

prion1 ubuntucve1 cvelist1 cve1 mozilla1 openvas6 nessus11 archlinux1 kaspersky1 freebsd1 ubuntu1 mageia1 gentoo1