VDB
GCVE-110-MAGEIA-2015-115
GCVE-110-MAGEIA-2015-115
Advisory Published
A flaw was discovered in the implementation of typed array bounds checking
in the Javascript just-in-time compilation. If a user were tricked in to
opening a specially crafted website, an attacked could exploit this to
execute arbitrary code with the privileges of the user invoking Firefox
(CVE-2015-0817).
Mariusz Mlynski discovered a flaw in the processing of SVG format content
navigation. If a user were tricked in to opening a specially crafted
website, an attacker could exploit this to run arbitrary script in a
privileged context (CVE-2015-0818).
The firefox package has been updated to version 31.5.3 to fix these issues.
Also, the nss package has been updated to version 3.18, which enables TLS
and DTLS 1.2, increases the default RSA key size created by certutil to 2048
bits, and has some CA root certificate updates.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | rootcerts | 0 (affected), 20150226.00-1.mga4 (unaffected), 0 (affected), 20150226.00-1.mga4 (unaffected) | — |
| Mageia | gftp | 0 (affected), 2.0.19-13.1.mga5 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 31.5.3-1.mga4 (unaffected), 0 (affected), 31.5.3-1.mga4 (unaffected) | — |
| Mageia | firefox | 0 (affected), 31.5.3-1.mga4 (unaffected), 0 (affected), 31.5.3-1.mga4 (unaffected) | — |
| Mageia | nss | 0 (affected), 3.18.0-1.mga4 (unaffected), 3.18.0-1.mga4 (unaffected), 0 (affected) | — |
Aliases
References
Browse GCVE Records
73,118 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.