Arbitrary Code Execution

2019-05-0204:42:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Mozilla Firefox is vulnerable to arbitrary code execution. Two flaws were found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox.

CPENameOperatorVersion
xulrunnereq1.9.2.13__3.el5
xulrunnereq1.9.2.24__2.el6_1.1
xulrunnereq1.9.2.14__4.el5_6
xulrunnereq1.9.2.18__2.el6_1
xulrunnereq10.0.5__1.el6_2
xulrunnereq1.9.0.2__5.el5
xulrunnereq1.9.2.26__2.el5_7
xulrunnereq10.0.6__2.el5_8
xulrunnereq1.9.0.1__1.el5
xulrunnereq1.9.2.18__2.el5_6

Name	Operator	Version
xulrunner	eq	1.9.2.13__3.el5
xulrunner	eq	1.9.2.24__2.el6_1.1
xulrunner	eq	1.9.2.14__4.el5_6
xulrunner	eq	1.9.2.18__2.el6_1
xulrunner	eq	10.0.5__1.el6_2
xulrunner	eq	1.9.0.2__5.el5
xulrunner	eq	1.9.2.26__2.el5_7
xulrunner	eq	10.0.6__2.el5_8
xulrunner	eq	1.9.0.1__1.el5
xulrunner	eq	1.9.2.18__2.el5_6