6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.119 Low
EPSS
Percentile
95.4%
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
www.debian.org/security/2014/dsa-3090
www.debian.org/security/2014/dsa-3092
www.mozilla.org/security/announce/2014/mfsa2014-88.html
www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
www.securityfocus.com/bid/71395
bugzilla.mozilla.org/show_bug.cgi?id=1085175
security.gentoo.org/glsa/201504-01