[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1593Date: (C)2015-01-02   (M)2024-03-27


Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-71395
DSA-3090
DSA-3092
GLSA-201504-01
http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
openSUSE-SU-2015:0138
openSUSE-SU-2015:1266

CPE    3
cpe:/a:mozilla:firefox:33.0
cpe:/a:mozilla:thunderbird:31.2
cpe:/a:mozilla:firefox_esr:31.2
CWE    1
CWE-119
OVAL    21
oval:org.secpod.oval:def:1500812
oval:org.secpod.oval:def:601863
oval:org.secpod.oval:def:501460
oval:org.secpod.oval:def:52353
...

© SecPod Technologies