CVE-2015-2737

2015-07-0500:00:00

ubuntu.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.8%

JSON

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in
Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before
38.1, and Thunderbird before 38.1 reads data from uninitialized memory
locations, which has unspecified impact and attack vectors.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 39.0+build5-0ubuntu0.12.04.2UNKNOWN
ubuntu14.04noarchfirefox< 39.0+build5-0ubuntu0.14.04.1UNKNOWN
ubuntu14.10noarchfirefox< 39.0+build5-0ubuntu0.14.10.1UNKNOWN
ubuntu15.04noarchfirefox< 39.0+build5-0ubuntu0.15.04.1UNKNOWN
ubuntu12.04noarchthunderbird< 1:31.8.0+build1-0ubuntu0.12.04.1UNKNOWN
ubuntu14.04noarchthunderbird< 1:31.8.0+build1-0ubuntu0.14.04.1UNKNOWN
ubuntu14.10noarchthunderbird< 1:31.8.0+build1-0ubuntu0.14.10.1UNKNOWN
ubuntu15.04noarchthunderbird< 1:31.8.0+build1-0ubuntu0.15.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	firefox	< 39.0+build5-0ubuntu0.12.04.2	UNKNOWN
ubuntu	14.04	noarch	firefox	< 39.0+build5-0ubuntu0.14.04.1	UNKNOWN
ubuntu	14.10	noarch	firefox	< 39.0+build5-0ubuntu0.14.10.1	UNKNOWN
ubuntu	15.04	noarch	firefox	< 39.0+build5-0ubuntu0.15.04.1	UNKNOWN
ubuntu	12.04	noarch	thunderbird	< 1:31.8.0+build1-0ubuntu0.12.04.1	UNKNOWN
ubuntu	14.04	noarch	thunderbird	< 1:31.8.0+build1-0ubuntu0.14.04.1	UNKNOWN
ubuntu	14.10	noarch	thunderbird	< 1:31.8.0+build1-0ubuntu0.14.10.1	UNKNOWN
ubuntu	15.04	noarch	thunderbird	< 1:31.8.0+build1-0ubuntu0.15.04.1	UNKNOWN