Lucene search

Veracode Vulnerability DatabaseVERACODE:10890

HistoryJan 15, 2019 - 8:53 a.m.

Remote Code Execution (RCE)

2019-01-1508:53:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

firefox is vulnerable to remote code execution (RCE) attacks. The vulnerability exists through multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CPENameOperatorVersion
firefoxeq3.6.17__1.el6_0
firefoxeq10.0.8__1.el6_3
firefoxeq24.4.0__1.el6_5
firefoxeq10.0.5__1.el6_2
firefoxeq1.5.0.12__15.el5_1
firefoxeq3.6.14__4.el6_0
firefoxeq17.0.10__1.el6_4
firefoxeq3.6.26__1.el5_7
firefoxeq3.0.11__2.el5_3
firefoxeq3.6.11__2.el5

Name	Operator	Version
firefox	eq	3.6.17__1.el6_0
firefox	eq	10.0.8__1.el6_3
firefox	eq	24.4.0__1.el6_5
firefox	eq	10.0.5__1.el6_2
firefox	eq	1.5.0.12__15.el5_1
firefox	eq	3.6.14__4.el6_0
firefox	eq	17.0.10__1.el6_4
firefox	eq	3.6.26__1.el5_7
firefox	eq	3.0.11__2.el5_3
firefox	eq	3.6.11__2.el5

Rows per page:

1-10 of 1931

References

linux.oracle.com/errata/ELSA-2014-0741.html

linux.oracle.com/errata/ELSA-2014-0742.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html

lists.opensuse.org/opensuse-updates/2014-06/msg00040.html

lists.opensuse.org/opensuse-updates/2014-07/msg00001.html

lists.opensuse.org/opensuse-updates/2014-07/msg00004.html

rhn.redhat.com/errata/RHSA-2014-0741.html

rhn.redhat.com/errata/RHSA-2014-0742.html

secunia.com/advisories/58984

secunia.com/advisories/59052

secunia.com/advisories/59149

secunia.com/advisories/59150

secunia.com/advisories/59165

secunia.com/advisories/59169

secunia.com/advisories/59170

secunia.com/advisories/59171

secunia.com/advisories/59229

secunia.com/advisories/59275

secunia.com/advisories/59328

secunia.com/advisories/59377

secunia.com/advisories/59387

secunia.com/advisories/59425

secunia.com/advisories/59486

secunia.com/advisories/59866

www.debian.org/security/2014/dsa-2955

www.debian.org/security/2014/dsa-2960

www.mozilla.org/security/announce/2014/mfsa2014-48.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/67965

www.securitytracker.com/id/1030386

www.securitytracker.com/id/1030388

www.ubuntu.com/usn/USN-2243-1

www.ubuntu.com/usn/USN-2250-1

access.redhat.com/security/updates/classification/#critical

bugzilla.mozilla.org/show_bug.cgi?id=1009952

bugzilla.mozilla.org/show_bug.cgi?id=1011007

bugzilla.mozilla.org/show_bug.cgi?id=921622

bugzilla.mozilla.org/show_bug.cgi?id=967354

bugzilla.mozilla.org/show_bug.cgi?id=978811

bugzilla.mozilla.org/show_bug.cgi?id=988719

bugzilla.mozilla.org/show_bug.cgi?id=991981

bugzilla.mozilla.org/show_bug.cgi?id=992274

bugzilla.mozilla.org/show_bug.cgi?id=994907

bugzilla.mozilla.org/show_bug.cgi?id=995679

bugzilla.mozilla.org/show_bug.cgi?id=996715

bugzilla.mozilla.org/show_bug.cgi?id=999651

rhn.redhat.com/errata/RHSA-2014-0741.html

security.gentoo.org/glsa/201504-01

www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for VERACODE:10890