Lucene search

K

PRIOn knowledge basePRION:CVE-2015-7200

HistoryNov 05, 2015 - 5:59 a.m.

Information disclosure

2015-11-0505:59:00

PRIOn knowledge base

www.prio-n.com

1

6.8 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

86.9%

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.

CPENameOperatorVersion
firefoxle41.0.2
firefox_esreq38.0
firefox_esreq38.2.1
firefox_esreq38.1.0
firefox_esreq38.2.0
firefox_esreq38.3.0
firefox_esreq38.0.5
firefox_esreq38.0.1
firefox_esreq38.1.1

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html

lists.opensuse.org/opensuse-updates/2015-12/msg00037.html

lists.opensuse.org/opensuse-updates/2015-12/msg00049.html

rhn.redhat.com/errata/RHSA-2015-1982.html

rhn.redhat.com/errata/RHSA-2015-2519.html

www.debian.org/security/2015/dsa-3393

www.debian.org/security/2015/dsa-3410

www.mozilla.org/security/announce/2015/mfsa2015-131.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77411

www.securitytracker.com/id/1034069

www.ubuntu.com/usn/USN-2785-1

www.ubuntu.com/usn/USN-2819-1

bugzilla.mozilla.org/show_bug.cgi?id=1204155

security.gentoo.org/glsa/201512-10

6.8 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

86.9%

Related for PRION:CVE-2015-7200

ubuntucve1 cvelist1 cve1 mozilla1 openvas26 oraclelinux1 nessus28 centos2 redhat2 mageia2 veracode1 ubuntu2 suse5 debian2 archlinux1 kaspersky1 freebsd1 ibm2 gentoo1