Search for vulnerabilities
Vulnerability details: VCID-2zab-6bzp-aaae
Vulnerability ID VCID-2zab-6bzp-aaae
Aliases CVE-2015-7575
Summary Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-19 Data Processing Errors
System Score Found at
generic_textual Medium http://blog.fuseyism.com/index.php/2016/01/25/security-icedtea-1-13-10-for-openjdk-6-released/
generic_textual Medium http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7575.html
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0007
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0008
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0012
rhas Critical https://access.redhat.com/errata/RHSA-2016:0049
rhas Important https://access.redhat.com/errata/RHSA-2016:0050
rhas Critical https://access.redhat.com/errata/RHSA-2016:0053
rhas Important https://access.redhat.com/errata/RHSA-2016:0054
rhas Critical https://access.redhat.com/errata/RHSA-2016:0055
rhas Critical https://access.redhat.com/errata/RHSA-2016:0056
rhas Critical https://access.redhat.com/errata/RHSA-2016:0098
rhas Critical https://access.redhat.com/errata/RHSA-2016:0099
rhas Critical https://access.redhat.com/errata/RHSA-2016:0100
rhas Critical https://access.redhat.com/errata/RHSA-2016:0101
epss 0.00260 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00260 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00260 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00260 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.00292 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.01561 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.01561 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.01561 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.01561 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02005 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.02059 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
epss 0.05506 https://api.first.org/data/v1/epss?cve=CVE-2015-7575
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1289841
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
cvssv2 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2015-7575
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2015-7575
generic_textual Medium https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
generic_textual Medium https://ubuntu.com/security/notices/USN-2863-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2864-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2865-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2866-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2884-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2904-1
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2015-150
generic_textual Medium https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/
generic_textual Medium http://www.gnutls.org/security.html#GNUTLS-SA-2015-2
generic_textual Medium http://www.mitls.org/pages/attacks/SLOTH
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
generic_textual Low http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Reference id Reference type URL
http://blog.fuseyism.com/index.php/2016/01/25/security-icedtea-1-13-10-for-openjdk-6-released/
http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7575.html
http://rhn.redhat.com/errata/RHSA-2016-0049.html
http://rhn.redhat.com/errata/RHSA-2016-0050.html
http://rhn.redhat.com/errata/RHSA-2016-0053.html
http://rhn.redhat.com/errata/RHSA-2016-0054.html
http://rhn.redhat.com/errata/RHSA-2016-0055.html
http://rhn.redhat.com/errata/RHSA-2016-0056.html
https://access.redhat.com/errata/RHSA-2016:1430
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json
https://api.first.org/data/v1/epss?cve=CVE-2015-7575
https://bugzilla.mozilla.org/show_bug.cgi?id=1158489
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.gentoo.org/glsa/201701-46
https://security.gentoo.org/glsa/201706-18
https://security.gentoo.org/glsa/201801-15
https://security.netapp.com/advisory/ntap-20160225-0001/
https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
https://ubuntu.com/security/notices/USN-2863-1
https://ubuntu.com/security/notices/USN-2864-1
https://ubuntu.com/security/notices/USN-2865-1
https://ubuntu.com/security/notices/USN-2866-1
https://ubuntu.com/security/notices/USN-2884-1
https://ubuntu.com/security/notices/USN-2904-1
https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/
http://www.debian.org/security/2016/dsa-3436
http://www.debian.org/security/2016/dsa-3437
http://www.debian.org/security/2016/dsa-3457
http://www.debian.org/security/2016/dsa-3458
http://www.debian.org/security/2016/dsa-3465
http://www.debian.org/security/2016/dsa-3491
http://www.debian.org/security/2016/dsa-3688
http://www.gnutls.org/security.html#GNUTLS-SA-2015-2
http://www.mitls.org/pages/attacks/SLOTH
http://www.mozilla.org/security/announce/2015/mfsa2015-150.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/79684
http://www.securityfocus.com/bid/91787
http://www.securitytracker.com/id/1034541
http://www.securitytracker.com/id/1036467
http://www.ubuntu.com/usn/USN-2863-1
http://www.ubuntu.com/usn/USN-2864-1
http://www.ubuntu.com/usn/USN-2865-1
http://www.ubuntu.com/usn/USN-2866-1
http://www.ubuntu.com/usn/USN-2884-1
http://www.ubuntu.com/usn/USN-2904-1
1289841 https://bugzilla.redhat.com/show_bug.cgi?id=1289841
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVE-2015-7575 https://nvd.nist.gov/vuln/detail/CVE-2015-7575
mfsa2015-150 https://www.mozilla.org/en-US/security/advisories/mfsa2015-150
RHSA-2016:0007 https://access.redhat.com/errata/RHSA-2016:0007
RHSA-2016:0008 https://access.redhat.com/errata/RHSA-2016:0008
RHSA-2016:0012 https://access.redhat.com/errata/RHSA-2016:0012
RHSA-2016:0049 https://access.redhat.com/errata/RHSA-2016:0049
RHSA-2016:0050 https://access.redhat.com/errata/RHSA-2016:0050
RHSA-2016:0053 https://access.redhat.com/errata/RHSA-2016:0053
RHSA-2016:0054 https://access.redhat.com/errata/RHSA-2016:0054
RHSA-2016:0055 https://access.redhat.com/errata/RHSA-2016:0055
RHSA-2016:0056 https://access.redhat.com/errata/RHSA-2016:0056
RHSA-2016:0098 https://access.redhat.com/errata/RHSA-2016:0098
RHSA-2016:0099 https://access.redhat.com/errata/RHSA-2016:0099
RHSA-2016:0100 https://access.redhat.com/errata/RHSA-2016:0100
RHSA-2016:0101 https://access.redhat.com/errata/RHSA-2016:0101
USN-2863-1 https://usn.ubuntu.com/2863-1/
USN-2864-1 https://usn.ubuntu.com/2864-1/
USN-2865-1 https://usn.ubuntu.com/2865-1/
USN-2866-1 https://usn.ubuntu.com/2866-1/
USN-2884-1 https://usn.ubuntu.com/2884-1/
USN-2904-1 https://usn.ubuntu.com/2904-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-7575
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-7575
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.64895
EPSS Score 0.00260
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.