9.3
CVE-2015-2736
- EPSS 2.04%
- Published 06.07.2015 02:01:05
- Last modified 12.04.2025 10:46:40
- Source security@mozilla.org
- Teams watchlist Login
- Open Login
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
Data is provided by the National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version <= 38.0.1
Mozilla ≫ Firefox ESR Version31.1
Mozilla ≫ Firefox ESR Version31.2
Mozilla ≫ Firefox ESR Version31.3
Mozilla ≫ Firefox ESR Version31.4
Mozilla ≫ Firefox ESR Version31.5
Mozilla ≫ Firefox ESR Version31.6.0
Mozilla ≫ Firefox ESR Version31.7.0
Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
Canonical ≫ Ubuntu Linux Version15.04
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Novell ≫ Suse Linux Enterprise Desktop Version12.0
Novell ≫ Suse Linux Enterprise Server Version11 Updatesp4
Novell ≫ Suse Linux Enterprise Server Version12.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.04% | 0.832 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|