Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-2730

Опубликовано: 06 июл. 2015
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*
Версия до 3.19 (включая)

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия до 38.1.0 (включая)
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.7.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 56%
0.0034
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

ubuntu логотип

CVE-2015-2730

ubuntu
около 10 лет назад

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

redhat логотип

CVE-2015-2730

redhat
около 10 лет назад

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

debian логотип

CVE-2015-2730

debian
около 10 лет назад

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozi ...

github логотип

GHSA-85fg-8m94-wc2q

github
больше 3 лет назад

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

oracle-oval логотип

ELSA-2015-1699

oracle-oval
почти 10 лет назад

ELSA-2015-1699: nss-softokn security update (MODERATE)

EPSS

Процентиль: 56%
0.0034
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310