CVE-2015-2730
Novell Suse Linux Enterprise Software... - Cryptographic Issue
Title source: ruleDescription
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.
References (21)
Core 21
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/83399
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201512-10
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3336
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75541
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1699.html
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2015/mfsa2015-64.html
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1664.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2672-1
Vendor Advisory x_refsource_confirm
https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1125025
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2656-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032783
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2656-2
Scores
EPSS
0.0023
EPSS Percentile
45.4%
Details
CWE
CWE-310
Status
published
Products (9)
debian/debian_linux
7.0
debian/debian_linux
8.0
mozilla/network_security_services
< 3.19
novell/suse_linux_enterprise_desktop
12.0
novell/suse_linux_enterprise_server
11 sp4
novell/suse_linux_enterprise_server
12.0
novell/suse_linux_enterprise_software_development_kit
12.0
oracle/solaris
11.3
oracle/vm_server
3.2
Published
Jul 06, 2015
Tracked Since
Feb 18, 2026