Lucene search

K

Veracode Vulnerability DatabaseVERACODE:10941

HistoryJan 15, 2019 - 8:54 a.m.

Remote Code Execution (RCE)

2019-01-1508:54:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

firefox is vulnerable to remote code execution (RCE) attacks. The vulnerabilities exists due to multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CPENameOperatorVersion
firefoxeq3.6.17__1.el6_0
firefoxeq3.6.12__1.el6_0
firefoxeq3.6.24__3.el5_7
firefoxeq10.0.5__1.el6_2
firefoxeq1.5.0.12__1.el5
firefoxeq1.5.0.12__15.el5_1
firefoxeq3.6.14__4.el6_0
firefoxeq3.6.26__1.el5_7
firefoxeq10.0.1__1.el5
firefoxeq1.5.0.12__6.el5

Rows per page:

1-10 of 1801

References

lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html

osvdb.org/84007

rhn.redhat.com/errata/RHSA-2012-1088.html

secunia.com/advisories/49963

secunia.com/advisories/49964

secunia.com/advisories/49965

secunia.com/advisories/49968

secunia.com/advisories/49972

secunia.com/advisories/49977

secunia.com/advisories/49979

secunia.com/advisories/49992

secunia.com/advisories/49993

secunia.com/advisories/49994

www.debian.org/security/2012/dsa-2514

www.debian.org/security/2012/dsa-2528

www.mozilla.org/security/announce/2012/mfsa2012-42.html

www.mozilla.org/security/known-vulnerabilities/firefoxESR.html

www.securityfocus.com/bid/54580

www.securitytracker.com/id?1027256

www.securitytracker.com/id?1027257

www.securitytracker.com/id?1027258

www.ubuntu.com/usn/USN-1509-1

www.ubuntu.com/usn/USN-1509-2

www.ubuntu.com/usn/USN-1510-1

access.redhat.com/security/updates/classification/#critical

bugzilla.mozilla.org/show_bug.cgi?id=732233

bugzilla.mozilla.org/show_bug.cgi?id=746103

bugzilla.mozilla.org/show_bug.cgi?id=746896

bugzilla.mozilla.org/show_bug.cgi?id=749385

bugzilla.mozilla.org/show_bug.cgi?id=750575

bugzilla.mozilla.org/show_bug.cgi?id=754989

bugzilla.mozilla.org/show_bug.cgi?id=756600

bugzilla.mozilla.org/show_bug.cgi?id=758471

bugzilla.mozilla.org/show_bug.cgi?id=763225

bugzilla.mozilla.org/show_bug.cgi?id=772282

bugzilla.redhat.com/show_bug.cgi?id=838879

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744

rhn.redhat.com/errata/RHBA-2012-0337.html

rhn.redhat.com/errata/RHSA-2012-1088.html

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

Related for VERACODE:10941

ubuntucve1 cve1 prion1 mozilla1 openvas47 debian3 nessus37 osv3 suse7 oraclelinux2 redhat2 ubuntu3 centos2 veracode16 securityvulns1 gentoo1