TROYANOSYVIRUS
Volver a CVEs

CVE-2015-2738

N/A

Descripcion

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Detalles CVE

Puntuacion CVSS v3.1N/A
Publicado7/6/2015
Ultima modificacion4/12/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

canonical:ubuntu_linuxdebian:debian_linuxmozilla:firefoxmozilla:firefox_esrmozilla:thunderbirdoracle:solarissuse:linux_enterprise_desktopsuse:linux_enterprise_serversuse:linux_enterprise_software_development_kitsuse:suse_linux_enterprise_server

Debilidades (CWE)

CWE-17

Referencias

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2015-1207.html(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2015-1455.html(security@mozilla.org)
http://www.debian.org/security/2015/dsa-3300(security@mozilla.org)
http://www.debian.org/security/2015/dsa-3324(security@mozilla.org)
http://www.mozilla.org/security/announce/2015/mfsa2015-66.html(security@mozilla.org)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(security@mozilla.org)
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html(security@mozilla.org)
http://www.securityfocus.com/bid/75541(security@mozilla.org)
http://www.securitytracker.com/id/1032783(security@mozilla.org)
http://www.securitytracker.com/id/1032784(security@mozilla.org)
http://www.ubuntu.com/usn/USN-2656-1(security@mozilla.org)
http://www.ubuntu.com/usn/USN-2656-2(security@mozilla.org)
http://www.ubuntu.com/usn/USN-2673-1(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1167356(security@mozilla.org)
https://security.gentoo.org/glsa/201512-10(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-1207.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-1455.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2015/dsa-3300(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2015/dsa-3324(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2015/mfsa2015-66.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/75541(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1032783(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1032784(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2656-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2656-2(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2673-1(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1167356(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201512-10(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.