Lucene search

K

Kaspersky LabKLA10464

HistoryFeb 24, 2015 - 12:00 a.m.

KLA10464 Multiple vulnerabilities in Mozilla products

2015-02-2400:00:00

Kaspersky Lab

threats.kaspersky.com

32

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

Detect date:

02/24/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privilleges, obtain sensitiv information, execute arbitrary code, spoof user interface or read local files.

Affected products:

Mozilla Firefox versions earlier than 36
Mozilla Firefox ESR versions earlier than 31.5
Mozilla Thunderbird versions earlier than 31.5

Solution:

Update to latest version!

Original advisories:

MFSA 2015-11 — 2015-27

Impacts:

ACE

Related products:

Mozilla Firefox

CVE-IDS:

CVE-2015-08237.5Critical
CVE-2015-08286.8High
CVE-2015-08344.3Warning
CVE-2015-08357.5Critical
CVE-2015-08367.5Critical
CVE-2015-08254.3Warning
CVE-2015-08316.8High
CVE-2015-08305.0Critical
CVE-2015-08245.0Critical
CVE-2015-08274.3Warning
CVE-2015-08296.8High
CVE-2015-08224.3Warning
CVE-2015-08336.9High
CVE-2015-08266.8High
CVE-2015-08202.6Warning
CVE-2015-08325.0Critical
CVE-2015-08216.8High
CVE-2015-08194.3Warning

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0819

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0820

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0821

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0822

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0823

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0824

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0825

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0826

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0827

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0828

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0829

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0830

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0831

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0832

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0833

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0834

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0835

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0836

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Mozilla-Firefox/

threats.kaspersky.com/en/product/Mozilla-Thunderbird/

www.mozilla.org/en-US/security/advisories/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

Related for KLA10464

openvas53 nessus34 ubuntu3 freebsd1 archlinux2 suse7 securityvulns1 mageia2 redhat4 centos3 osv2 oraclelinux3 debian2 mozilla18 ubuntucve19 prion19 cve19 checkpoint_advisories1 veracode4 ibm1 gentoo1