Vulnerability Change Records for CVE-2015-2716

Change History

CVE Modified by Source 6/03/2015 10:4:19 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html

Modified Analysis 5/14/2015 2:20:40 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:firefox:37.0.2:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CWE

								
							
							
						
CWE-119
Changed Reference Type
http://www.mozilla.org/security/announce/2015/mfsa2015-54.html No Types Assigned
http://www.mozilla.org/security/announce/2015/mfsa2015-54.html Advisory

Modified Analysis 8/06/2015 12:48:59 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:firefox:37.0.2:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:* (and previous)
Configuration 4
     OR
          *cpe:2.3:a:mozilla:firefox:37.0.2:*:*:*:*:*:*:* (and previous)

CVE Modified by Mozilla Corporation 11/30/2016 9:59:38 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201605-06 [No Types Assigned]

CVE Modified by Source 7/23/2015 9:59:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c

CPE Deprecation Remap 10/30/2018 12:27:35 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Initial CVE Analysis 5/14/2015 2:20:16 PM

Action Type Old Value New Value

CVE Modified by Mozilla Corporation 11/02/2017 9:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2016-20 [No Types Assigned]

CPE Deprecation Remap 10/30/2018 12:27:37 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

CVE Modified by Mozilla Corporation 12/30/2016 9:59:25 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html [No Types Assigned]

CVE Modified by Mozilla Corporation 1/02/2017 9:59:54 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2015-0988.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2015-1012.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2015/dsa-3260 [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2015/dsa-3264 [No Types Assigned]
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/74611 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2602-1 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2603-1 [No Types Assigned]
Added Reference

								
							
							
						
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 [No Types Assigned]

CVE Translated 2/17/2016 4:45:11 PM

Action Type Old Value New Value
Added Translation

								
							
							
						
Desbordamiento de buffer en el analizador XML en Mozilla Firefox en versiones anteriores a 38.0, Firefox ESR 31.x en versiones anteriores a 31.7 y Thunderbird en versiones anteriores a 31.7 permite a atacantes remotos ejecutar código arbitrario proporcionando una gran cantidad de datos XML comprimidos, un problema relacionado con CVE-2015-1283.
Removed Translation
Desbordamiento de buffer en el analizador sintáctico de XML en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 permite a atacantes remotos ejecutar código arbitrario mediante la provisión de una cantidad grande de datos XML comprimidos.

								
						

CVE Modified by Source 10/03/2016 10:3:05 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

CVE Modified by Mozilla Corporation 12/23/2016 9:59:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html [No Types Assigned]

CVE Modified by Source 10/02/2015 9:59:09 PM

Action Type Old Value New Value
Changed Description
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data.
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.

Modified Analysis 11/15/2016 12:45:40 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:mozilla:firefox:37.0.2:*:*:*:*:*:*:* (and previous)
Configuration 3
     OR
          *cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:* (and previous)
Configuration 4
     OR
          *cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
Configuration 1
     OR
          *cpe:2.3:a:mozilla:firefox:37.0.2:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:* (and previous)
Configuration 4
     OR
          *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
Configuration 5
     OR
          *cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
Changed Reference Type
https://bugzilla.mozilla.org/show_bug.cgi?id=1140537 No Types Assigned
https://bugzilla.mozilla.org/show_bug.cgi?id=1140537 Issue Tracking