CVE-2015-4500

CVSS v2.0 7.5 (High)

EPSS 6.30 % (94^th)

Affected Products 2

Advisories 10

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2015-09-24 04:59:02
(9 years ago)
Updated Date: 2016-12-22 02:59:55
(7 years ago)

Affected Products

Mozilla

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 40.0.3 and prior versions	cpe:2.3:a:mozilla:firefox		<= 40.0.3

Configuration #2

		CPE23	From	Up To
	Mozilla Firefox Esr 38.0	cpe:2.3:a:mozilla:firefox_esr:38.0
	Mozilla Firefox Esr 38.0.1	cpe:2.3:a:mozilla:firefox_esr:38.0.1
	Mozilla Firefox Esr 38.0.5	cpe:2.3:a:mozilla:firefox_esr:38.0.5
	Mozilla Firefox Esr 38.1.0	cpe:2.3:a:mozilla:firefox_esr:38.1.0
	Mozilla Firefox Esr 38.1.1	cpe:2.3:a:mozilla:firefox_esr:38.1.1
	Mozilla Firefox Esr 38.2.0	cpe:2.3:a:mozilla:firefox_esr:38.2.0
	Mozilla Firefox Esr 38.2.1	cpe:2.3:a:mozilla:firefox_esr:38.2.1