CVE-2014-1587

Sažetak

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://www.debian.org/security/2014/dsa-3090
http://www.debian.org/security/2014/dsa-3092
http://www.mozilla.org/security/announce/2014/mfsa2014-83.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.securityfocus.com/bid/71391
https://bugzilla.mozilla.org/show_bug.cgi?id=1042567
https://bugzilla.mozilla.org/show_bug.cgi?id=1072847
https://bugzilla.mozilla.org/show_bug.cgi?id=1079729
https://bugzilla.mozilla.org/show_bug.cgi?id=1080312
https://bugzilla.mozilla.org/show_bug.cgi?id=1089207
https://security.gentoo.org/glsa/201504-01

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-12-2016 - 02:59

Objavljeno

11-12-2014 - 11:59