6.8

CVE-2015-7204

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpensuseLeap Version42.1
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
FedoraprojectFedora Version22
FedoraprojectFedora Version23
MozillaFirefox Version <= 42.0
MozillaFirefox Version41.0
MozillaFirefox Version41.0.1
MozillaFirefox Version41.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.49% 0.876
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://security.gentoo.org/glsa/201512-10
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
http://www.securitytracker.com/id/1034426
http://www.ubuntu.com/usn/USN-2833-1
http://www.securityfocus.com/bid/79280
http://www.mozilla.org/security/announce/2015/mfsa2015-135.html
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1216130