← Back

CVE-2015-2730

nvd nist
Published: Jul 6, 2015Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

Affected (9)

Show all products
Debian: Debian Linux · Novell: Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit · Mozilla: Network Security Services · Oracle: Solaris, Vm Server
Debian
1 product
Debian Linux
Novell
3 products
Suse Linux Enterprise Desktop
Suse Linux Enterprise Server
Suse Linux Enterprise Software Development Kit
Mozilla
1 product
Network Security Services
Oracle
2 products
Solaris
Vm Server
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 7.0
Debian Linux
Version 8.0
Suse Linux Enterprise Desktop
Version 12.0
Novell
Suse Linux Enterprise Server
Version 11 sp4
Suse Linux Enterprise Server
Version 12.0
Suse Linux Enterprise Software Development Kit
Version 12.0
Configuration B
1 vulnerable · 16 platform
Vulnerable SoftwareAffected Versions
Network Security Services
Up to 3.19
Running on/withPlatform Versions
Mozilla
Firefox
Up to 38.1.0
Mozilla
Firefox
Version 31.0
Mozilla
Firefox
Version 31.1.0
Mozilla
Firefox
Version 31.1.1
Mozilla
Firefox
Version 31.3.0
Mozilla
Firefox
Version 31.5.1
Mozilla
Firefox
Version 31.5.2
Mozilla
Firefox
Version 31.5.3
Mozilla
Firefox
Version 38.0
Mozilla
Firefox Esr
Version 31.1
Mozilla
Firefox Esr
Version 31.2
Mozilla
Firefox Esr
Version 31.3
Mozilla
Firefox Esr
Version 31.4
Mozilla
Firefox Esr
Version 31.5
Mozilla
Firefox Esr
Version 31.6.0
Mozilla
Firefox Esr
Version 31.7.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Solaris
Version 11.3
Vm Server
Version 3.2

Related CWEs

CWE-310
CWE-310

References (42)

Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Issue Tracking
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.