9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.3 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.048 Low
EPSS
Percentile
92.5%
03/18/2014
Critical
Multiple critical vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities
Mozilla Firefox versions 27.0.1 and earlier
Waterfox Firefox versions 27.0.1 and earlier
Mozilla Firefox ESR versions 24.3 and earlier
Mozilla Thunderbird versions 24.3 and earlier
Mozilla Seamonkey versions 2.24 and earlier
CometBird all versions
Update to latest version
Thunderbird
Seamonkey
Firefox
ACE
CVE-2014-15086.4High
CVE-2014-14976.8High
CVE-2014-14961.9Warning
CVE-2014-14949.3Critical
CVE-2014-15096.8High
CVE-2014-15055.0Warning
www.seamonkey-project.org/releases/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1494
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1496
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
threats.kaspersky.com/en/product/Mozilla-SeaMonkey/
threats.kaspersky.com/en/product/Mozilla-Thunderbird/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/thunderbird/
www.mozilla.org/security/announce/
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.3 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.048 Low
EPSS
Percentile
92.5%