Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-a2fb-cz2r-kudj
Vulnerability ID VCID-a2fb-cz2r-kudj
Aliases CVE-2015-7202
Summary Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
epss 0.01913 https://api.first.org/data/v1/epss?cve=CVE-2015-7202
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2015-7202
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2015-134
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7202.json
https://api.first.org/data/v1/epss?cve=CVE-2015-7202
https://bugzilla.mozilla.org/show_bug.cgi?id=1188105
https://bugzilla.mozilla.org/show_bug.cgi?id=1193757
https://bugzilla.mozilla.org/show_bug.cgi?id=1193999
https://bugzilla.mozilla.org/show_bug.cgi?id=1194002
https://bugzilla.mozilla.org/show_bug.cgi?id=1194006
https://bugzilla.mozilla.org/show_bug.cgi?id=1197012
https://bugzilla.mozilla.org/show_bug.cgi?id=1200580
https://bugzilla.mozilla.org/show_bug.cgi?id=1207571
https://bugzilla.mozilla.org/show_bug.cgi?id=1208059
https://bugzilla.mozilla.org/show_bug.cgi?id=1212305
https://bugzilla.mozilla.org/show_bug.cgi?id=1219330
https://bugzilla.mozilla.org/show_bug.cgi?id=1221421
https://bugzilla.mozilla.org/show_bug.cgi?id=1221904
http://www.mozilla.org/security/announce/2015/mfsa2015-134.html
http://www.securityfocus.com/bid/79279
http://www.securitytracker.com/id/1034426
http://www.ubuntu.com/usn/USN-2833-1
1291577 https://bugzilla.redhat.com/show_bug.cgi?id=1291577
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVE-2015-7202 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7202
CVE-2015-7202 https://nvd.nist.gov/vuln/detail/CVE-2015-7202
GLSA-201512-10 https://security.gentoo.org/glsa/201512-10
mfsa2015-134 https://www.mozilla.org/en-US/security/advisories/mfsa2015-134
USN-2833-1 https://usn.ubuntu.com/2833-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2015-7202
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.83232
EPSS Score 0.01913
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:39.765496+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201512-10 38.0.0