CVE-2014-1518

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html

http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html

http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html

http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html

http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html

http://rhn.redhat.com/errata/RHSA-2014-0448.html

http://rhn.redhat.com/errata/RHSA-2014-0449.html

http://secunia.com/advisories/59866

http://www.debian.org/security/2014/dsa-2918

http://www.debian.org/security/2014/dsa-2924

http://www.mozilla.org/security/announce/2014/mfsa2014-34.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.securityfocus.com/bid/67123

http://www.securitytracker.com/id/1030163

http://www.securitytracker.com/id/1030164

http://www.ubuntu.com/usn/USN-2185-1

http://www.ubuntu.com/usn/USN-2189-1

https://bugzilla.mozilla.org/show_bug.cgi?id=944353

https://bugzilla.mozilla.org/show_bug.cgi?id=952022

https://bugzilla.mozilla.org/show_bug.cgi?id=966630

https://bugzilla.mozilla.org/show_bug.cgi?id=980537

https://bugzilla.mozilla.org/show_bug.cgi?id=986678

https://bugzilla.mozilla.org/show_bug.cgi?id=986843

https://bugzilla.mozilla.org/show_bug.cgi?id=991471

https://bugzilla.mozilla.org/show_bug.cgi?id=992968

https://bugzilla.mozilla.org/show_bug.cgi?id=993546

https://security.gentoo.org/glsa/201504-01

Details

Source: MITRE

Published: 2014-04-30

Updated: 2017-01-07

Risk Information

CVSS v2.0

Base Score: 10

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 10

Severity: HIGH