Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-0817

EPSS 1.34% · P80
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-0817

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Mozilla产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mozilla Firefox、Firefox ESR和SeaMonkey都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器,Firefox ESR是Firefox的一个延长支持版本。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。 多款Mozilla产品的asm.js实现过程中存在安全漏洞,该漏洞源于没有正确处理程序在JIT编译和堆访问期间的边界检查。远程攻击者可借助特制的JavaScript代码利用该漏洞读取或写入任意内存位置,执行任意代码。以下产品及版本受到影响:M
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-0817

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-0817

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-03-24 · 22 CVEs total

CVE-2015-0158IBM Business Process Manager Coach NG框架跨站脚本漏洞
CVE-2015-0818多款Mozilla产品权限许可和访问控制漏洞
CVE-2015-0527EMC Documentum xCelerated Management System 信息泄露漏洞
CVE-2015-0137IBM PowerVC 加密问题漏洞
CVE-2015-0136IBM PowerVC powervc-iso-import 信息泄露漏洞
CVE-2015-0106IBM Business Process Manager和WebSphere Lombardi Edition 跨站脚本漏洞
CVE-2015-0105IBM Business Process Manager Process Portal 跨站脚本漏洞
CVE-2015-0103IBM Business Process Manager Process Portal 跨站脚本漏洞
CVE-2015-0199IBM General Parallel File System mmfslinux kernel模块资源管理错误漏洞
CVE-2015-0198IBM General Parallel File System 授权问题漏洞
CVE-2015-0197IBM General Parallel File System 权限许可和访问控制漏洞
CVE-2015-0250Apache Batik XML外部实体漏洞
CVE-2015-2284SolarWinds Firewall Security Manager 权限许可和访问控制漏洞
CVE-2015-2265Apple CUPS cups-filters 安全漏洞
CVE-2015-2155tcpdump 安全漏洞
CVE-2015-2154tcpdump‘osi_print_cksum’函数缓冲区溢出漏洞
CVE-2015-2153tcpdump‘rpki_rtr_pdu_print’函数缓冲区溢出漏洞
CVE-2015-1388Aruba Networks ArubaOS on Aruba access points 操作系统命令注入漏洞
CVE-2015-0282GnuTLS 加密问题漏洞
CVE-2015-0261tcpdump‘mobility_opt_print’函数数字错误漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-0817

No comments yet

Leave a comment