Search for vulnerabilities
| Vulnerability ID | VCID-fysn-7wu8-t3df |
| Aliases |
CVE-2015-0817
|
| Summary | Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access. This flaw can be leveraged into the reading and writing of memory allowing for arbitary code execution on the local system. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 9.0 |
| Risk | 4.5 |
| Affected and Fixed Packages | Package Details |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0817.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2015-0817 | ||
| 1204362 | https://bugzilla.redhat.com/show_bug.cgi?id=1204362 | |
| CVE-2015-0817 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817 | |
| mfsa2015-29 | https://www.mozilla.org/en-US/security/advisories/mfsa2015-29 | |
| RHSA-2015:0718 | https://access.redhat.com/errata/RHSA-2015:0718 | |
| USN-2538-1 | https://usn.ubuntu.com/2538-1/ |
| Percentile | 0.87838 |
| EPSS Score | 0.03906 |
| Published At | July 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:10:56.001497+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-29.md | 37.0.0 |