SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2015-7214

Date: (C)2015-12-16 (M)2024-03-27

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE

Reference:

SECTRACK-1034426

FEDORA-2015-51b1105902

FEDORA-2015-7ab3d3afcf

SUSE-SU-2015:2334

SUSE-SU-2015:2335

SUSE-SU-2015:2336

http://www.mozilla.org/security/announce/2015/mfsa2015-149.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1228950

openSUSE-SU-2015:2353

openSUSE-SU-2015:2380

openSUSE-SU-2015:2406

openSUSE-SU-2016:0307

openSUSE-SU-2016:0308

cpe:/a:mozilla:firefox_esr:38.0
cpe:/o:fedoraproject:fedora:22
cpe:/o:fedoraproject:fedora:23
cpe:/o:novell:leap:42.1
...

oval:org.secpod.oval:def:702881
oval:org.secpod.oval:def:52670
oval:org.secpod.oval:def:1501290
oval:org.secpod.oval:def:52650
...

© SecPod Technologies