CVE-2015-2736 - OpenCVE

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Oracle	Solaris
Mozilla	Firefox Esr Thunderbird Firefox
Novell	Suse Linux Enterprise Desktop Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Server
Canonical	Ubuntu Linux
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:a:mozilla:firefox_esr:31.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.1.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.1.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.2:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.3:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.3.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.4:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.5:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.5.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.5.2:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.5.3:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.6.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:31.7.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.0:::::::*

Configuration 4 [-]

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 5 [-]

OR	cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:::::::*
	cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://rhn.redhat.com/errata/RHSA-2015-1207.html
http://rhn.redhat.com/errata/RHSA-2015-1455.html
http://www.debian.org/security/2015/dsa-3300
http://www.debian.org/security/2015/dsa-3324	Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-66.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Third Party Advisory
http://www.securityfocus.com/bid/75541
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
http://www.ubuntu.com/usn/USN-2673-1	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1167888	Issue Tracking
https://security.gentoo.org/glsa/201512-10