CVE-2015-2724: Buffer Overflow
First published: Mon Jul 06 2015(Updated: )
Last updated 24 July 2024
Credit: security@mozilla.org security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/icedove | ||
| debian/iceweasel | ||
| Oracle Solaris | =11.3 | |
| Mozilla Firefox ESR | =31.0 | |
| Mozilla Firefox ESR | =31.1 | |
| Mozilla Firefox ESR | =31.1.0 | |
| Mozilla Firefox ESR | =31.1.1 | |
| Mozilla Firefox ESR | =31.2 | |
| Mozilla Firefox ESR | =31.3 | |
| Mozilla Firefox ESR | =31.3.0 | |
| Mozilla Firefox ESR | =31.4 | |
| Mozilla Firefox ESR | =31.5 | |
| Mozilla Firefox ESR | =31.5.1 | |
| Mozilla Firefox ESR | =31.5.2 | |
| Mozilla Firefox ESR | =31.5.3 | |
| Mozilla Firefox ESR | =31.6.0 | |
| Mozilla Firefox ESR | =31.7.0 | |
| Mozilla Firefox ESR | =38.0 | |
| Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =14.10 | |
| Canonical Ubuntu Linux | =15.04 | |
| Debian Debian Linux | =7.0 | |
| Debian Debian Linux | =8.0 | |
| Novell Suse Linux Enterprise Desktop | =12.0 | |
| Novell Suse Linux Enterprise Server | =11-sp4 | |
| Novell Suse Linux Enterprise Server | =12.0 | |
| Mozilla Thunderbird | <=38.0.1 | |
| Mozilla Firefox | <=38.1.0 | |
| Mozilla Firefox | =31.0 | |
| Mozilla Firefox | =31.1.0 | |
| Mozilla Firefox | =31.1.1 | |
| Mozilla Firefox | =31.3.0 | |
| Mozilla Firefox | =31.5.1 | |
| Mozilla Firefox | =31.5.2 | |
| Mozilla Firefox | =31.5.3 | |
| Mozilla Firefox | =38.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/2015/mfsa2015-59.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1143679
- https://bugzilla.mozilla.org/show_bug.cgi?id=1154876
- https://bugzilla.mozilla.org/show_bug.cgi?id=1160884
- https://bugzilla.mozilla.org/show_bug.cgi?id=1164567
- http://www.debian.org/security/2015/dsa-3324
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
- http://www.ubuntu.com/usn/USN-2673-1
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.securityfocus.com/bid/75541
- https://security.gentoo.org/glsa/201512-10
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://rhn.redhat.com/errata/RHSA-2015-1455.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
- http://www.debian.org/security/2015/dsa-3300
- http://rhn.redhat.com/errata/RHSA-2015-1207.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
- http://www.ubuntu.com/usn/USN-2656-1
- http://www.ubuntu.com/usn/USN-2656-2
- http://www.securitytracker.com/id/1032783
- http://www.securitytracker.com/id/1032784
- https://launchpad.net/bugs/cve/CVE-2015-2724
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
- https://security-tracker.debian.org/tracker/CVE-2015-2724
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
- https://nvd.nist.gov/vuln/detail/CVE-2015-2724
- https://ubuntu.com/security/CVE-2015-2724
Frequently Asked Questions
What is CVE-2015-2724?
CVE-2015-2724 is a vulnerability in the browser engine in Mozilla Firefox before version 39.0, Firefox ESR before version 31.8 and 38.x before 38.1, and Thunderbird before version 38.1 that allows remote attackers to cause a denial of service or possibly execute arbitrary code.
Which software versions are affected by CVE-2015-2724?
CVE-2015-2724 affects Mozilla Firefox ESR versions 31.x before 31.8 and 38.x before 38.1, as well as Thunderbird versions before 38.1.
How severe is CVE-2015-2724?
CVE-2015-2724 has a severity score of 10 (critical).
What is the Common Weakness Enumeration (CWE) ID of CVE-2015-2724?
CVE-2015-2724 is associated with CWE-119.
Where can I find more information about CVE-2015-2724?
You can find more information about CVE-2015-2724 at the following references: [^1^] [^2^] [^3^]
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- package-manager/debian
- vendor/oracle
- canonical/oracle solaris
- version/oracle solaris/11.3
- vendor/mozilla
- canonical/mozilla firefox esr
- version/mozilla firefox esr/31.0
- version/mozilla firefox esr/31.1
- version/mozilla firefox esr/31.1.0
- version/mozilla firefox esr/31.1.1
- version/mozilla firefox esr/31.2
- version/mozilla firefox esr/31.3
- version/mozilla firefox esr/31.3.0
- version/mozilla firefox esr/31.4
- version/mozilla firefox esr/31.5
- version/mozilla firefox esr/31.5.1
- version/mozilla firefox esr/31.5.2
- version/mozilla firefox esr/31.5.3
- version/mozilla firefox esr/31.6.0
- version/mozilla firefox esr/31.7.0
- version/mozilla firefox esr/38.0
- vendor/novell
- canonical/novell suse linux enterprise software development kit
- version/novell suse linux enterprise software development kit/12.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/14.10
- version/canonical ubuntu linux/15.04
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0
- version/debian debian linux/8.0
- canonical/novell suse linux enterprise desktop
- version/novell suse linux enterprise desktop/12.0
- canonical/novell suse linux enterprise server
- version/novell suse linux enterprise server/11-sp4
- version/novell suse linux enterprise server/12.0
- canonical/mozilla thunderbird
- version/mozilla thunderbird/38.0.1
- canonical/mozilla firefox
- version/mozilla firefox/38.1.0
- version/mozilla firefox/31.0
- version/mozilla firefox/31.1.0
- version/mozilla firefox/31.1.1
- version/mozilla firefox/31.3.0
- version/mozilla firefox/31.5.1
- version/mozilla firefox/31.5.2
- version/mozilla firefox/31.5.3
- version/mozilla firefox/38.0