Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2015-7183

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 05 нояб. 2015
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ
CVSS2: 7.5

ОписаниС

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

released

42.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [42.0+build2-0ubuntu0.14.04.1]]
precise

released

42.0+build2-0ubuntu0.12.04.1
precise/esm

DNE

precise was released [42.0+build2-0ubuntu0.12.04.1]
trusty

released

42.0+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [42.0+build2-0ubuntu0.14.04.1]
upstream

released

42.0
vivid

released

42.0+build2-0ubuntu0.15.04.1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

2:4.10.10-1ubuntu1
esm-infra-legacy/trusty

released

2:4.10.10-0ubuntu0.14.04.1
esm-infra/xenial

not-affected

2:4.10.10-1ubuntu1
precise

released

4.10.10-0ubuntu0.12.04.1
precise/esm

not-affected

4.10.10-0ubuntu0.12.04.1
trusty

released

2:4.10.10-0ubuntu0.14.04.1
trusty/esm

released

2:4.10.10-0ubuntu0.14.04.1
upstream

released

4.10.10
vivid

released

2:4.10.10-0ubuntu0.15.04.1
vivid/stable-phone-overlay

released

2:4.10.10-0ubuntu0.15.04.1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

released

1:38.4.0+build3-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1:38.4.0+build3-0ubuntu0.14.04.1]]
precise

released

1:38.4.0+build3-0ubuntu0.12.04.1
precise/esm

DNE

precise was released [1:38.4.0+build3-0ubuntu0.12.04.1]
trusty

released

1:38.4.0+build3-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1:38.4.0+build3-0ubuntu0.14.04.1]
upstream

released

38.4.0
vivid

released

1:38.4.0+build3-0ubuntu0.15.04.1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

5.0.14-dfsg-1
esm-apps/xenial

not-affected

5.0.14-dfsg-1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1]]
precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

released

4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1
trusty/esm

DNE

trusty was released [4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1]
upstream

released

5.0.14-dfsg-1
vivid

released

4.3.36-dfsg-1+deb8u1ubuntu1.15.04.1
vivid/stable-phone-overlay

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 95%
0.18188
Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ

7.5 High

CVSS2

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2015-7183

redhat
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2015-7183

nvd
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2015-7183

debian
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape P ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-v8r8-vg3r-9r36

github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2015-11994

fstec
большС 10 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ Π±Ρ€Π°ΡƒΠ·Π΅Ρ€ΠΎΠ² Firefox ΠΈ Firefox ESR, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹ΠΏΠΎΠ»Π½ΠΈΡ‚ΡŒ ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ»ΡŒΠ½Ρ‹ΠΉ ΠΊΠΎΠ΄ ΠΈΠ»ΠΈ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 95%
0.18188
Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ

7.5 High

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2015-7183