CVE-2015-7204

Severity

68%

Complexity

86%

Confidentiality

106%

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 9 years ago

2015-12-16 11:59:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

openSUSE Leap 42.1

42.1

OpenSUSE 13.1

13.1

OpenSUSE 13.2

13.2

Fedora 22

22

Fedora Project Fedora 23

23

Mozilla Firefox 41.0

41.0

Mozilla Firefox 41.0.1

41.0.1

Mozilla Firefox 41.0.2

41.0.2

Mozilla Firefox

References

FEDORA-2015-51b1105902

FEDORA-2015-7ab3d3afcf

openSUSE-SU-2015:2353

openSUSE-SU-2016:0307

openSUSE-SU-2016:0308

http://www.mozilla.org/security/announce/2015/mfsa2015-135.html

Vendor Advisory

79280

1034426

USN-2833-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1216130

GLSA-201512-10

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.