Lucene search

K

[email protected]NVD:CVE-2014-1562

HistorySep 03, 2014 - 10:55 a.m.

CVE-2014-1562

2014-09-0310:55:06

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected configurations

NVD

Node

mozillafirefox_esrMatch24.0

OR

mozillafirefox_esrMatch24.0.1

OR

mozillafirefox_esrMatch24.0.2

OR

mozillafirefox_esrMatch24.1.0

OR

mozillafirefox_esrMatch24.1.1

OR

mozillafirefox_esrMatch24.2

OR

mozillafirefox_esrMatch24.3

OR

mozillafirefox_esrMatch24.4

OR

mozillafirefox_esrMatch24.5

OR

mozillafirefox_esrMatch24.6

OR

mozillafirefox_esrMatch24.7

OR

mozillafirefox_esrMatch31.0

Node

mozillathunderbirdMatch24.0

OR

mozillathunderbirdMatch24.0.1

OR

mozillathunderbirdMatch24.1

OR

mozillathunderbirdMatch24.1.1

OR

mozillathunderbirdMatch24.2

OR

mozillathunderbirdMatch24.3

OR

mozillathunderbirdMatch24.4

OR

mozillathunderbirdMatch24.5

OR

mozillathunderbirdMatch24.6

OR

mozillathunderbirdMatch24.7

OR

mozillathunderbirdMatch31.0

Node

mozillafirefoxRange≤31.1.0

OR

mozillafirefoxMatch30.0

OR

mozillafirefoxMatch31.0

References

lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html

lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html

lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html

lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html

lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

lists.opensuse.org/opensuse-updates/2014-09/msg00011.html

secunia.com/advisories/60148

secunia.com/advisories/60186

secunia.com/advisories/61114

secunia.com/advisories/61390

www.debian.org/security/2014/dsa-3018

www.debian.org/security/2014/dsa-3028

www.mozilla.org/security/announce/2014/mfsa2014-67.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/69519

www.securitytracker.com/id/1030793

www.securitytracker.com/id/1030794

bugzilla.mozilla.org/show_bug.cgi?id=1054359

security.gentoo.org/glsa/201504-01

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

Related for NVD:CVE-2014-1562

ubuntucve1 veracode2 prion1 cvelist1 cve1 oraclelinux2 openvas36 mageia2 osv2 nessus28 debian2 suse9 centos2 redhat2 ibm3 mozilla1 ubuntu2 securityvulns1 gentoo1