admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-45xx/CVE-2015-4503.json
cad-safe-bot 99dd3d8022 Auto-Update: 2024-11-23T01:02:35.760694+00:00
2024-11-23 01:05:45 +00:00

138 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-4503",
"sourceIdentifier": "security@mozilla.org",
"published": "2015-09-24T04:59:06.160",
"lastModified": "2024-11-21T02:31:13.303",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application."
},
{
"lang": "es",
"value": "Vulnerabilidad en la implementaci\u00f3n de la API TCP Socket en Mozilla Firefox en versiones anteriores a 41.0, no maneja correctamente los l\u00edmites del array que fueron establecidos con una llamada al m\u00e9todo navigator.mozTCPSocket.open y env\u00edo de llamadas a m\u00e9todos, lo que permite a servidores TCP remotos obtener informaci\u00f3n sensible de la memoria de proceso mediante la lectura de datos de paquete, seg\u00fan lo demuostrado por la disponiblidad de esta API en una aplicaci\u00f3n Firefox OS."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndIncluding": "40.0.3",
"matchCriteriaId": "4EE7B0EF-4A3A-4353-8B50-6F28B5CADBDB"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html",
"source": "security@mozilla.org"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html",
"source": "security@mozilla.org"
},
{
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-97.html",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"source": "security@mozilla.org"
},
{
"url": "http://www.securityfocus.com/bid/76815",
"source": "security@mozilla.org"
},
{
"url": "http://www.securitytracker.com/id/1033640",
"source": "security@mozilla.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=994337",
"source": "security@mozilla.org"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-97.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/76815",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id/1033640",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=994337",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink