CVE-2015-7200 Information
Description
The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking which allows attackers to have an unspecified impact via vectors related to a cryptographic key.
Reference
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html http://rhn.redhat.com/errata/RHSA-2015-1982.html http://rhn.redhat.com/errata/RHSA-2015-2519.html http://www.debian.org/security/2015/dsa-3393 http://www.debian.org/security/2015/dsa-3410 http://www.mozilla.org/security/announce/2015/mfsa2015-131.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77411 http://www.securitytracker.com/id/1034069 http://www.ubuntu.com/usn/USN-2785-1 http://www.ubuntu.com/usn/USN-2819-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1204155 https://security.gentoo.org/glsa/201512-10
Share on: