6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.089 Low
EPSS
Percentile
94.6%
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird
before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21
do not ensure that initialization occurs for JavaScript objects with
compartments, which allows remote attackers to execute arbitrary code by
leveraging incorrect scope handling.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | firefox | < 24.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 12.10 | noarch | firefox | < 24.0+build1-0ubuntu0.12.10.1 | UNKNOWN |
ubuntu | 13.04 | noarch | firefox | < 24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | thunderbird | < 1:24.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 12.10 | noarch | thunderbird | < 1:24.0+build1-0ubuntu0.12.10.1 | UNKNOWN |
ubuntu | 13.04 | noarch | thunderbird | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |