Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2015:2081-1
HistoryNov 23, 2015 - 10:10 p.m.

Security update for Mozilla Firefox (important)

2015-11-2322:10:12
lists.opensuse.org
24

EPSS

0.215

Percentile

96.5%

JSON

MozillaFirefox ESR was updated to version 38.4.0ESR to fix multiple
security issues.

   * MFSA 2015-116/CVE-2015-4513 Miscellaneous memory safety hazards
     (rv:42.0 / rv:38.4)
   * MFSA 2015-122/CVE-2015-7188 Trailing whitespace in IP address
     hostnames can bypass same-origin policy
   * MFSA 2015-123/CVE-2015-7189 Buffer overflow during image
     interactions in canvas
   * MFSA 2015-127/CVE-2015-7193 CORS preflight is bypassed when
     non-standard Content-Type headers are received
   * MFSA 2015-128/CVE-2015-7194 Memory corruption in libjar through zip
     files
   * MFSA 2015-130/CVE-2015-7196 JavaScript garbage collection crash with
     Java applet
   * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
     Vulnerabilities found through code inspection
   * MFSA 2015-132/CVE-2015-7197 Mixed content WebSocket policy bypass
     through workers
   * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 NSS and NSPR
     memory corruption issues

It also includes fixes from 38.3.0ESR:

   * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety
     hazards (rv:41.0 / rv:38.3)
   * MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing
     vp9 format video
   * MFSA 2015-105/CVE-2015-4511 Buffer overflow while decoding WebM video
   * MFSA 2015-106/CVE-2015-4509 Use-after-free while manipulating HTML
     media content
   * MFSA 2015-110/CVE-2015-4519 Dragging and dropping images exposes
     final URL after redirects
   * MFSA 2015-111/CVE-2015-4520 Errors in the handling of CORS preflight
     request headers
   * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
     CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
     CVE-2015-7180 Vulnerabilities found through code inspection

It also includes fixes from the Firefox 38.2.1ESR release:

   * MFSA 2015-94/CVE-2015-4497 (bsc#943557) Use-after-free when resizing
     canvas element during restyling
   * MFSA 2015-95/CVE-2015-4498 (bsc#943558) Add-on notification bypass
     through data URLs

It also includes fixes from the Firefox 38.2.0ESR release:

   * MFSA 2015-79/CVE-2015-4473/CVE-2015-4474 Miscellaneous memory safety
     hazards (rv:40.0 / rv:38.2)
   * MFSA 2015-80/CVE-2015-4475 Out-of-bounds read with malformed MP3 file
   * MFSA 2015-82/CVE-2015-4478 Redefinition of non-configurable
     JavaScript object properties
   * MFSA 2015-83/CVE-2015-4479 Overflow issues in libstagefright
   * MFSA 2015-87/CVE-2015-4484 Crash when using shared memory in
     JavaScript
   * MFSA 2015-88/CVE-2015-4491 Heap overflow in gdk-pixbuf when scaling
     bitmap images
   * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 Buffer overflows on Libvpx
     when decoding WebM video
   * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
     Vulnerabilities found through code inspection
   * MFSA 2015-92/CVE-2015-4492 Use-after-free in XMLHttpRequest with
     shared workers

Security Issues:

   * CVE-2015-4473
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473</a>&gt;
   * CVE-2015-4474
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4474">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4474</a>&gt;
   * CVE-2015-4475
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475</a>&gt;
   * CVE-2015-4478
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478</a>&gt;
   * CVE-2015-4479
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479</a>&gt;
   * CVE-2015-4484
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484</a>&gt;
   * CVE-2015-4485
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485</a>&gt;
   * CVE-2015-4486
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486</a>&gt;
   * CVE-2015-4487
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487</a>&gt;
   * CVE-2015-4488
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488</a>&gt;
   * CVE-2015-4489
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489</a>&gt;
   * CVE-2015-4491
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491</a>&gt;
   * CVE-2015-4492
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492</a>&gt;
   * CVE-2015-4497
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4497">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4497</a>&gt;
   * CVE-2015-4498
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4498">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4498</a>&gt;
   * CVE-2015-4500
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500</a>&gt;
   * CVE-2015-4501
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4501">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4501</a>&gt;
   * CVE-2015-4506
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506</a>&gt;
   * CVE-2015-4509
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509</a>&gt;
   * CVE-2015-4511
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511</a>&gt;
   * CVE-2015-4513
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513</a>&gt;
   * CVE-2015-4517
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517</a>&gt;
   * CVE-2015-4519
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519</a>&gt;
   * CVE-2015-4520
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520</a>&gt;
   * CVE-2015-4521
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521</a>&gt;
   * CVE-2015-4522
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522</a>&gt;
   * CVE-2015-7174
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174</a>&gt;
   * CVE-2015-7175
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175</a>&gt;
   * CVE-2015-7176
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176</a>&gt;
   * CVE-2015-7177
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177</a>&gt;
   * CVE-2015-7180
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180</a>&gt;
   * CVE-2015-7181
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181</a>&gt;
   * CVE-2015-7182
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182</a>&gt;
   * CVE-2015-7183
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183</a>&gt;
   * CVE-2015-7188
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188</a>&gt;
   * CVE-2015-7189
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189</a>&gt;
   * CVE-2015-7193
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193</a>&gt;
   * CVE-2015-7194
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194</a>&gt;
   * CVE-2015-7196
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196</a>&gt;
   * CVE-2015-7197
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197</a>&gt;
   * CVE-2015-7198
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198</a>&gt;
   * CVE-2015-7199
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199</a>&gt;
   * CVE-2015-7200
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200</a>&gt;
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server LTSS10.4x86_64mozilla-nss-32bit< 3.19.2.1-0.5.1mozilla-nss-32bit-3.19.2.1-0.5.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS10.4s390xmozilla-nss-32bit< 3.19.2.1-0.5.1mozilla-nss-32bit-3.19.2.1-0.5.1.s390x.rpm
SUSE Linux Enterprise Server LTSS10.4s390xmozilla-nss< 3.19.2.1-0.5.1mozilla-nss-3.19.2.1-0.5.1.s390x.rpm
SUSE Linux Enterprise Server LTSS10.4i586mozilla-nss-devel< 3.19.2.1-0.5.1mozilla-nss-devel-3.19.2.1-0.5.1.i586.rpm
SUSE Linux Enterprise Server LTSS10.4s390xmozilla-nspr-devel< 4.10.10-0.5.1mozilla-nspr-devel-4.10.10-0.5.1.s390x.rpm
SUSE Linux Enterprise Server LTSS10.4x86_64mozilla-nspr< 4.10.10-0.5.1mozilla-nspr-4.10.10-0.5.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS10.4s390xmozillafirefox-translations< 38.4.0esr-0.7.1MozillaFirefox-translations-38.4.0esr-0.7.1.s390x.rpm
SUSE Linux Enterprise Server LTSS10.4i586mozilla-nspr< 4.10.10-0.5.1mozilla-nspr-4.10.10-0.5.1.i586.rpm
SUSE Linux Enterprise Server LTSS10.4i586mozillafirefox-translations< 38.4.0esr-0.7.1MozillaFirefox-translations-38.4.0esr-0.7.1.i586.rpm
SUSE Linux Enterprise Server LTSS10.4i586mozilla-nspr-devel< 4.10.10-0.5.1mozilla-nspr-devel-4.10.10-0.5.1.i586.rpm
Rows per page:
1-10 of 251

Related

openvas 65
nessus 62
ibm 3
suse 8
debian 4
centos 6
redhat 6
ubuntu 11
mageia 6
oraclelinux 4
veracode 21
mozilla 1
archlinux 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2081-1)
2021-06-09 00:00:00
Debian: Security Advisory (DSA-3410-1)
2015-11-30 00:00:00
SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:1680-1)
2015-10-16 00:00:00
nessus
nessus
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:2081-1)
2015-11-25 00:00:00
SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2015:1703-1)
2015-10-12 00:00:00
Debian DSA-3410-1 : icedove - security update
2015-12-02 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:32:49
Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified
2018-06-18 00:10:09
Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS
2018-06-18 00:10:09
suse
suse
Security update for MozillaFirefox (important)
2015-10-09 09:10:00
Security update for MozillaFirefox, mozilla-nspr (important)
2015-10-05 18:10:03
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-11-12 17:11:49
debian
debian
[SECURITY] [DSA 3410-1] icedove security update
2015-12-01 22:21:09
[SECURITY] [DSA 3365-1] iceweasel security update
2015-09-23 16:49:03
[SECURITY] [DSA 3393-1] iceweasel security update
2015-11-04 18:41:55
centos
centos
firefox security update
2015-09-22 20:41:17
thunderbird security update
2015-10-01 21:36:10
firefox security update
2015-11-04 15:58:03
redhat
redhat
(RHSA-2015:1834) Critical: firefox security update
2015-09-22 00:00:00
(RHSA-2015:1852) Important: thunderbird security update
2015-10-01 00:00:00
(RHSA-2015:1982) Critical: firefox security update
2015-11-04 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-10-05 00:00:00
Thunderbird vulnerabilities
2015-12-01 00:00:00
Ubufox update
2015-08-11 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2015-09-23 22:42:52
Updated thunderbird packages fix security vulnerabilities
2015-10-02 15:38:21
Updated firefox, nspr, nss packages fix security vulnerability
2015-11-04 21:03:05
oraclelinux
oraclelinux
thunderbird security update
2015-10-01 00:00:00
firefox security update
2015-11-04 00:00:00
thunderbird security update
2015-11-27 00:00:00
veracode
veracode
Brute Force Attack
2019-05-02 05:43:40
Denial Of Service (DoS)
2019-05-02 05:43:40
Privilege Escalation
2019-05-02 05:43:39
mozilla
mozilla
Vulnerabilities found through code inspection — Mozilla
2015-09-22 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-11-04 00:00:00
firefox: multiple issues
2015-09-23 00:00:00

EPSS

0.215

Percentile

96.5%

JSON
Related for SUSE-SU-2015:2081-1
openvas65nessus62ibm3suse8debian4centos6redhat6ubuntu11mageia6oraclelinux4veracode21mozilla1archlinux2