Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-4503

Опубликовано: 24 сент. 2015
Источник: debian
EPSS Низкий

Описание

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
iceweaselnot-affectedpackage

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/

EPSS

Процентиль: 69%
0.00629
Низкий

Связанные уязвимости

ubuntu
почти 10 лет назад

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

redhat
почти 10 лет назад

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

nvd
почти 10 лет назад

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

github
около 3 лет назад

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

fstec
почти 10 лет назад

Уязвимость браузера Firefox, позволяющая нарушителю получить доступ к защищаемой информации из памяти процесса

EPSS

Процентиль: 69%
0.00629
Низкий