7.5
CVE-2015-2728
- EPSS 3.28%
- Veröffentlicht 06.07.2015 02:00:59
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle security@mozilla.org
- Teams Watchlist Login
- Unerledigt Login
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Novell ≫ Suse Linux Enterprise Desktop Version12.0
Novell ≫ Suse Linux Enterprise Server Version11 Updatesp4
Novell ≫ Suse Linux Enterprise Server Version12.0
Mozilla ≫ Firefox ESR Version31.1
Mozilla ≫ Firefox ESR Version31.2
Mozilla ≫ Firefox ESR Version31.3
Mozilla ≫ Firefox ESR Version31.4
Mozilla ≫ Firefox ESR Version31.5
Mozilla ≫ Firefox ESR Version31.6.0
Mozilla ≫ Firefox ESR Version31.7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.28% | 0.867 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|