Unrated severityNVD Advisory· Published Dec 16, 2015· Updated Jun 17, 2026
CVE-2015-7204
CVE-2015-7204
Description
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=42.0
- cpe:2.3:a:mozilla:firefox:41.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:41.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:41.0.2:*:*:*:*:*:*:*
- (no CPE)range: <43.0
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
Patches
Vulnerability mechanics
References
11- www.mozilla.org/security/announce/2015/mfsa2015-135.htmlnvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-12/msg00104.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00007.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00008.htmlnvd
- www.securityfocus.com/bid/79280nvd
- www.securitytracker.com/id/1034426nvd
- www.ubuntu.com/usn/USN-2833-1nvd
- bugzilla.mozilla.org/show_bug.cginvd
- security.gentoo.org/glsa/201512-10nvd
News mentions
0No linked articles in our index yet.