KLA10120 Multiple vulnerabilities in Mozilla

Detect date:

03/18/2014

Severity:

Critical

Description:

Multiple critical vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities

Affected products:

Mozilla Firefox versions 27.0.1 and earlier
Waterfox Firefox versions 27.0.1 and earlier
Mozilla Firefox ESR versions 24.3 and earlier
Mozilla Thunderbird versions 24.3 and earlier
Mozilla Seamonkey versions 2.24 and earlier
CometBird all versions

Solution:

Update to latest version
Thunderbird
Seamonkey
Firefox

Original advisories:

MFSA

Impacts:

ACE

Related products:

Mozilla Firefox

CVE-IDS:

CVE-2014-15086.4High
CVE-2014-14976.8High
CVE-2014-14961.9Warning
CVE-2014-14949.3Critical
CVE-2014-15096.8High
CVE-2014-15055.0Warning