← Back

CVE-2015-2737

nvd nist
Published: Jul 6, 2015Modified: May 6, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Affected (28)

Show all products
Mozilla: Firefox, Firefox Esr, Thunderbird · Canonical: Ubuntu Linux · Oracle: Solaris · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit, Suse Linux Enterprise Server · Debian: Debian Linux
Mozilla
3 products
Firefox
Firefox Esr
Thunderbird
Canonical
1 product
Ubuntu Linux
Oracle
1 product
Solaris
Suse
4 products
Linux Enterprise Desktop
Linux Enterprise Server
Linux Enterprise Software Development Kit
Suse Linux Enterprise Server
Debian
1 product
Debian Linux
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Firefox
Version 31.0
Firefox
Version 31.1.0
Firefox
Version 31.1.1
Firefox
Version 31.3.0
Firefox
Version 31.5.1
Firefox
Version 31.5.2
Firefox
Version 31.5.3
Firefox
Version 38.0
Mozilla
Firefox Esr
Version 31.1
Firefox Esr
Version 31.2
Firefox Esr
Version 31.3
Firefox Esr
Version 31.4
Firefox Esr
Version 31.5
Firefox Esr
Version 31.6.0
Firefox Esr
Version 31.7.0
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Firefox
Up to 38.1.0
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 14.10
Ubuntu Linux
Version 15.04
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Solaris
Version 11.3
Configuration E
4 vulnerable
Vulnerable SoftwareAffected Versions
Linux Enterprise Desktop
Version 12
Linux Enterprise Server
Version 11 sp4
Linux Enterprise Software Development Kit
Version 12
Suse Linux Enterprise Server
Version 12
Configuration F
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 7.0
Debian Linux
Version 8.0
Configuration G
1 vulnerable
Vulnerable SoftwareAffected Versions
Thunderbird
Up to 38.0.1

Related CWEs

CWE-17
CWE-17

References (40)

Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Issue Tracking
Source: security@mozilla.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.