Vulnerability CVE-2015-0825 - CERT Civis.Net

Vulnerability Name:

CVE-2015-0825 (CCN-101099)

Assigned:

2015-02-24

Published:

2015-02-24

Updated:

2018-10-30

Summary:

Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2015-0825

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:0404

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:0570

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-21.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: BID
Type: UNKNOWN
72751

Source: CCN
Type: BID-72751
Mozilla Firefox CVE-2015-0829 Buffer Underflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1031791

Source: UBUNTU
Type: UNKNOWN
USN-2505-1

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=1092370

Source: XF
Type: UNKNOWN
firefox-cve20140825-underflow(101099)

Source: GENTOO
Type: UNKNOWN
GLSA-201504-01

Source: CCN
Type: Mozilla Foundation Security Advisory 2015-21
Buffer underflow during MP3 playback

Vulnerable Configuration:

Configuration 1:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:mozilla:firefox:0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.9:rc:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.16:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.17:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.5.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.26:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.27:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.6.28:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:5.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:6.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:7.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:8.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:9.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:10.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:11.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:12.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:13.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:13.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:14.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:14.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:15.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:15.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:16.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:16.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:16.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:17.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:18.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:18.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:18.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:19.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:20.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:21.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:22.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:23.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:23.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:24.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:24.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:25.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:25.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:26.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:27.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:27.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:28.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:29.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:29.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:30.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:31.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:32.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:33.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 35.0.1)

Configuration CCN 1:

cpe:/a:mozilla:firefox:35.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20150825	V	CVE-2015-0825	2023-06-22
oval:org.opensuse.security:def:7868	P	MozillaFirefox-102.11.0-150200.152.87.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:609	P	Security update for sqlite3 (Moderate) (in QA)	2022-10-04
oval:org.opensuse.security:def:720	P	Security update for ucode-intel (Moderate)	2022-08-31
oval:org.opensuse.security:def:3252	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94882	P	MozillaFirefox-91.8.0-150200.152.26.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1523	P	Security update for MozillaThunderbird (Important)	2022-06-13
oval:org.opensuse.security:def:1167	P	Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core (Important)	2022-05-16
oval:org.opensuse.security:def:1301	P	Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Important)	2022-04-14
oval:org.opensuse.security:def:1056	P	Security update for yaml-cpp (Moderate)	2022-04-01
oval:org.opensuse.security:def:1412	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (Important)	2022-02-01
oval:org.opensuse.security:def:113433	P	seamonkey-2.40-6.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:111898	P	MozillaFirefox-50.1.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:945	P	Security update for net-snmp (Important)	2022-01-11
oval:org.opensuse.security:def:70030	P	Security update for xorg-x11-server (Important)	2021-12-21
oval:org.opensuse.security:def:93994	P	(Important)	2021-12-06
oval:org.opensuse.security:def:1639	P	Security update for squid (Moderate)	2021-10-20
oval:org.opensuse.security:def:105475	P	MozillaFirefox-50.1.0-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106834	P	seamonkey-2.40-6.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71207	P	hardlink-1.0+git.e66999f-1.25 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:69925	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:48045	P	ibus-chewing-1.4.14-4.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47570	P	bzip2-1.0.6-29.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47131	P	ppc64-diag-2.7.1-5.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48191	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47794	P	libtasn1-4.9-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47266	P	glib2-lang-2.48.2-10.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48287	P	python-pywbem-0.7.0-4.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48156	P	libnetpbm11-10.66.3-8.7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47591	P	dbus-1-1.8.22-29.10.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47242	P	dosfstools-3.0.26-6.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48302	P	sane-backends-1.0.24-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47831	P	mutt-1.10.1-55.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47377	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47130	P	powerpc-utils-1.3.2-17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48129	P	libjansson4-2.12-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47702	P	libecpg6-10.5-1.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47145	P	rpcbind-0.2.3-21.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48256	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47942	P	aaa_base-13.2+git20140911.61c1681-38.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47459	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47241	P	dnsmasq-2.76-17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48358	P	zypper-1.13.51-21.26.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48240	P	memcached-1.4.39-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47683	P	libXrender1-0.9.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47256	P	freeradius-server-3.0.14-1.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:62728	P	MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101134	P	MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72447	P	MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:49443	P	Security update for nodejs10 (Important)	2021-07-14
oval:org.opensuse.security:def:48469	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71094	P	rpcbind-0.2.3-3.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48398	P	cyrus-sasl-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48367	P	apache-commons-httpclient-3.1-4.364 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:64507	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:67754	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-04-28
oval:org.opensuse.security:def:100707	P	(Important)	2021-02-17
oval:org.opensuse.security:def:116931	P	MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72109	P	MozillaFirefox-52.7.3-1.35 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62390	P	MozillaFirefox-52.7.3-1.35 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:89851	P	MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72220	P	MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103506	P	MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62501	P	MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72331	P	MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107373	P	MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62612	P	MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:73365	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49386	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49554	P	libjbig2-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66674	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49497	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64420	P	opensc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73247	P	libxcb-composite0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67854	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49332	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49608	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66582	P	pam on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20150825000	V	CVE-2015-0825 on Ubuntu 12.04 LTS (precise) - medium.	2015-02-25
oval:com.ubuntu.trusty:def:20150825000	V	CVE-2015-0825 on Ubuntu 14.04 LTS (trusty) - medium.	2015-02-25