Lucene search

PRIOn knowledge basePRION:CVE-2015-7183

HistoryNov 05, 2015 - 5:59 a.m.

Integer overflow

2015-11-0505:59:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CPENameOperatorVersion
firefoxle41.0.2
firefox_esreq38.0
firefox_esreq38.2.1
firefox_esreq38.1.0
firefox_esreq38.2.0
firefox_esreq38.3.0
firefox_esreq38.0.5
firefox_esreq38.0.1
firefox_esreq38.1.1
network_security_servicesle3.19.2.0

Name	Operator	Version
firefox	le	41.0.2
firefox_esr	eq	38.0
firefox_esr	eq	38.2.1
firefox_esr	eq	38.1.0
firefox_esr	eq	38.2.0
firefox_esr	eq	38.3.0
firefox_esr	eq	38.0.5
firefox_esr	eq	38.0.1
firefox_esr	eq	38.1.1
network_security_services	le	3.19.2.0

Rows per page:

1-10 of 111

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html

lists.opensuse.org/opensuse-updates/2015-12/msg00037.html

lists.opensuse.org/opensuse-updates/2015-12/msg00049.html

packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html

rhn.redhat.com/errata/RHSA-2015-1980.html

rhn.redhat.com/errata/RHSA-2015-1981.html

www.debian.org/security/2015/dsa-3393

www.debian.org/security/2015/dsa-3406

www.mozilla.org/security/announce/2015/mfsa2015-133.html

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/77415

www.securityfocus.com/bid/91787

www.securitytracker.com/id/1034069

www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753

www.ubuntu.com/usn/USN-2785-1

www.ubuntu.com/usn/USN-2790-1

www.ubuntu.com/usn/USN-2819-1

bto.bluecoat.com/security-advisory/sa119

bugzilla.mozilla.org/show_bug.cgi?id=1205157

developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes

developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes

developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes

security.gentoo.org/glsa/201512-10

security.gentoo.org/glsa/201605-06

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

Related for PRION:CVE-2015-7183