CVE-2015-4503

MEDIUM

Description

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

References

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html

http://www.mozilla.org/security/announce/2015/mfsa2015-97.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.securityfocus.com/bid/76815

http://www.securitytracker.com/id/1033640

https://bugzilla.mozilla.org/show_bug.cgi?id=994337

Details

Source: MITRE

Published: 2015-09-24

Updated: 2016-12-22

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 40.0.3 (inclusive)

Tenable Plugins

View all (5 total)

IDNameProductFamilySeverity
86282openSUSE Security Update : seamonkey (openSUSE-2015-632)NessusSuSE Local Security Checks
high
86238openSUSE Security Update : MozillaFirefox (openSUSE-2015-619)NessusSuSE Local Security Checks
high
8948Mozilla Firefox < 41.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
86079FreeBSD : mozilla -- multiple vulnerabilities (2d56c7f4-b354-428f-8f48-38150c607a05)NessusFreeBSD Local Security Checks
high
86071Firefox < 41 Multiple VulnerabilitiesNessusWindows
high