Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-2729

Опубликовано: 02 июл. 2015
Источник: redhat
CVSS2: 5.1
EPSS Низкий

Описание

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Отчет

This issue does not affect the version of thunderbird package, as shipped with Red Hat Enterprise Linux 5, 6 and 7.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 5firefoxFixedRHSA-2015:120703.07.2015
Red Hat Enterprise Linux 6firefoxFixedRHSA-2015:120703.07.2015
Red Hat Enterprise Linux 7firefoxFixedRHSA-2015:120703.07.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1236952Mozilla: Out-of-bound read while computing an oscillator rendering range in Web Audio (MFSA 2015-62)

EPSS

Процентиль: 62%
0.00438
Низкий

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-2729

ubuntu
около 10 лет назад

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

nvd логотип

CVE-2015-2729

nvd
около 10 лет назад

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

debian логотип

CVE-2015-2729

debian
около 10 лет назад

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio ...

github логотип

GHSA-p3v9-93rx-rg76

github
около 3 лет назад

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

oracle-oval логотип

ELSA-2015-1207

oracle-oval
около 10 лет назад

ELSA-2015-1207: firefox security update (CRITICAL)

EPSS

Процентиль: 62%
0.00438
Низкий

5.1 Medium

CVSS2