CVE-2015-7182

CVE Database · CVE-2015-7182

CVE-2015-7182

· N/AModified

CVSS v3.1

N/A

EPSS

10.24%

Published

Nov 5, 2015

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.

Weaknesses (CWE)

CWE-119

Affected Products (17)

oracle · traffic_directorvulnerable

oracle · openssovulnerable

oracle · iplanet_web_proxy_servervulnerable

mozilla · firefoxvulnerable