CVE-2015-2730
First published: Mon Jul 06 2015(Updated: )
Last updated 24 July 2024
Credit: security@mozilla.org security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
| Debian Debian Linux | =7.0 | |
| Debian Debian Linux | =8.0 | |
| Novell Suse Linux Enterprise Desktop | =12.0 | |
| Novell Suse Linux Enterprise Server | =11-sp4 | |
| Novell Suse Linux Enterprise Server | =12.0 | |
| Mozilla Network Security Services | <=3.19 | |
| Mozilla Firefox | <=38.1.0 | |
| Mozilla Firefox ESR | =31.0 | |
| Mozilla Firefox ESR | =31.1 | |
| Mozilla Firefox ESR | =31.1.0 | |
| Mozilla Firefox ESR | =31.1.1 | |
| Mozilla Firefox ESR | =31.2 | |
| Mozilla Firefox ESR | =31.3 | |
| Mozilla Firefox ESR | =31.3.0 | |
| Mozilla Firefox ESR | =31.4 | |
| Mozilla Firefox ESR | =31.5 | |
| Mozilla Firefox ESR | =31.5.1 | |
| Mozilla Firefox ESR | =31.5.2 | |
| Mozilla Firefox ESR | =31.5.3 | |
| Mozilla Firefox ESR | =31.6.0 | |
| Mozilla Firefox ESR | =31.7.0 | |
| Mozilla Firefox ESR | =38.0 | |
| Oracle Solaris | =11.3 | |
| Oracle VM Server | =3.2 | |
| All of | ||
| Mozilla Network Security Services | <=3.19 | |
| Any of | ||
| Mozilla Firefox | <=38.1.0 | |
| Mozilla Firefox | =31.0 | |
| Mozilla Firefox | =31.1.0 | |
| Mozilla Firefox | =31.1.1 | |
| Mozilla Firefox | =31.3.0 | |
| Mozilla Firefox | =31.5.1 | |
| Mozilla Firefox | =31.5.2 | |
| Mozilla Firefox | =31.5.3 | |
| Mozilla Firefox | =38.0 | |
| Mozilla Firefox ESR | =31.1 | |
| Mozilla Firefox ESR | =31.2 | |
| Mozilla Firefox ESR | =31.3 | |
| Mozilla Firefox ESR | =31.4 | |
| Mozilla Firefox ESR | =31.5 | |
| Mozilla Firefox ESR | =31.6.0 | |
| Mozilla Firefox ESR | =31.7.0 | |
| debian/nss | 2:3.61-1+deb11u3 2:3.61-1+deb11u4 2:3.87.1-1+deb12u1 2:3.107-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/2015/mfsa2015-64.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1125025
- https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
- http://www.debian.org/security/2015/dsa-3336
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.securityfocus.com/bid/75541
- http://www.securityfocus.com/bid/83399
- https://security.gentoo.org/glsa/201512-10
- http://rhn.redhat.com/errata/RHSA-2015-1699.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://rhn.redhat.com/errata/RHSA-2015-1664.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
- http://www.ubuntu.com/usn/USN-2656-1
- http://www.ubuntu.com/usn/USN-2672-1
- http://www.ubuntu.com/usn/USN-2656-2
- http://www.securitytracker.com/id/1032783
- https://launchpad.net/bugs/cve/CVE-2015-2730
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
- https://hg.mozilla.org/projects/nss/rev/fc6870938172
- https://hg.mozilla.org/projects/nss/rev/2c05e861ce07
- https://security-tracker.debian.org/tracker/CVE-2015-2730
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730
- https://nvd.nist.gov/vuln/detail/CVE-2015-2730
- https://ubuntu.com/security/CVE-2015-2730
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2015-2730.
What is the severity level of CVE-2015-2730?
The severity level of CVE-2015-2730 is medium (4.3).
What software is affected by CVE-2015-2730?
The software affected by CVE-2015-2730 includes Mozilla Firefox, Mozilla Firefox ESR, Novell Suse Linux Enterprise Server, Novell Suse Linux Enterprise Desktop, Debian Linux, Oracle Solaris, and Oracle VM Server.
How can remote attackers exploit CVE-2015-2730?
Remote attackers can exploit CVE-2015-2730 by spoofing ECD signatures and performing ECC multiplications.
What is the recommended remedy for CVE-2015-2730?
The recommended remedy for CVE-2015-2730 is to update to Mozilla Network Security Services (NSS) version 3.19.1 or later.
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- agent/severity
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-cve
- agent/last-modified-date
- agent/trending
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/source
- vendor/novell
- canonical/novell suse linux enterprise software development kit
- version/novell suse linux enterprise software development kit/12.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0
- version/debian debian linux/8.0
- canonical/novell suse linux enterprise desktop
- version/novell suse linux enterprise desktop/12.0
- canonical/novell suse linux enterprise server
- version/novell suse linux enterprise server/11-sp4
- version/novell suse linux enterprise server/12.0
- vendor/mozilla
- canonical/mozilla network security services
- version/mozilla network security services/3.19
- canonical/mozilla firefox
- version/mozilla firefox/38.1.0
- canonical/mozilla firefox esr
- version/mozilla firefox esr/31.0
- version/mozilla firefox esr/31.1
- version/mozilla firefox esr/31.1.0
- version/mozilla firefox esr/31.1.1
- version/mozilla firefox esr/31.2
- version/mozilla firefox esr/31.3
- version/mozilla firefox esr/31.3.0
- version/mozilla firefox esr/31.4
- version/mozilla firefox esr/31.5
- version/mozilla firefox esr/31.5.1
- version/mozilla firefox esr/31.5.2
- version/mozilla firefox esr/31.5.3
- version/mozilla firefox esr/31.6.0
- version/mozilla firefox esr/31.7.0
- version/mozilla firefox esr/38.0
- vendor/oracle
- canonical/oracle solaris
- version/oracle solaris/11.3
- canonical/oracle vm server
- version/oracle vm server/3.2
- version/mozilla firefox/31.0
- version/mozilla firefox/31.1.0
- version/mozilla firefox/31.1.1
- version/mozilla firefox/31.3.0
- version/mozilla firefox/31.5.1
- version/mozilla firefox/31.5.2
- version/mozilla firefox/31.5.3
- version/mozilla firefox/38.0
- package-manager/debian