Lucene search

K

[email protected]NVD:CVE-2014-1593

HistoryDec 11, 2014 - 11:59 a.m.

CVE-2014-1593

2014-12-1111:59:07

CWE-119

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.119 Low

EPSS

Percentile

95.4%

Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.

Affected configurations

NVD

Node

mozillafirefoxRange≤33.0

OR

mozillafirefox_esrRange≤31.2

OR

mozillaseamonkeyRange≤2.30

OR

mozillathunderbirdRange≤31.2

References

lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

www.debian.org/security/2014/dsa-3090

www.debian.org/security/2014/dsa-3092

www.mozilla.org/security/announce/2014/mfsa2014-88.html

www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

www.securityfocus.com/bid/71395

bugzilla.mozilla.org/show_bug.cgi?id=1085175

security.gentoo.org/glsa/201504-01

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.119 Low

EPSS

Percentile

95.4%

Related for NVD:CVE-2014-1593

cvelist1 openvas22 prion1 cve1 ubuntucve1 veracode1 mozilla1 nessus28 centos2 ubuntu2 redhat2 osv2 debian2 oraclelinux2 mageia2 suse3 archlinux1 freebsd1 securityvulns1 ibm1 gentoo1