[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1594Date: (C)2015-01-02   (M)2024-03-27


Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-71396
DSA-3090
DSA-3092
GLSA-201504-01
http://www.mozilla.org/security/announce/2014/mfsa2014-89.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
openSUSE-SU-2015:0138
openSUSE-SU-2015:1266

CPE    3
cpe:/a:mozilla:firefox:33.0
cpe:/a:mozilla:thunderbird:31.2
cpe:/a:mozilla:firefox_esr:31.2
CWE    1
CWE-20
OVAL    21
oval:org.secpod.oval:def:1500812
oval:org.secpod.oval:def:601863
oval:org.secpod.oval:def:501460
oval:org.secpod.oval:def:52353
...

© SecPod Technologies