Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-0827
HistoryFeb 25, 2015 - 12:00 a.m.

CVE-2015-0827

2015-02-2500:00:00
ubuntu.com
ubuntu.com
12

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.9%

Heap-based buffer overflow in the mozilla::gfx::CopyRect function in
Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird
before 31.5 allows remote attackers to obtain sensitive information from
uninitialized process memory via a malformed SVG graphic.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 36.0+build2-0ubuntu0.12.04.5UNKNOWN
ubuntu14.04noarchfirefox< 36.0+build2-0ubuntu0.14.04.4UNKNOWN
ubuntu14.10noarchfirefox< 36.0+build2-0ubuntu0.14.10.4UNKNOWN
ubuntu12.04noarchthunderbird< 1:31.5.0+build1-0ubuntu0.12.04.1UNKNOWN
ubuntu14.04noarchthunderbird< 1:31.5.0+build1-0ubuntu0.14.04.1UNKNOWN
ubuntu14.10noarchthunderbird< 1:31.5.0+build1-0ubuntu0.14.10.1UNKNOWN

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.9%