CVE-2014-8634

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://linux.oracle.com/errata/ELSA-2015-0046.html

http://linux.oracle.com/errata/ELSA-2015-0047.html

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

http://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html

http://rhn.redhat.com/errata/RHSA-2015-0046.html

http://rhn.redhat.com/errata/RHSA-2015-0047.html

http://secunia.com/advisories/62237

http://secunia.com/advisories/62242

http://secunia.com/advisories/62250

http://secunia.com/advisories/62253

http://secunia.com/advisories/62259

http://secunia.com/advisories/62273

http://secunia.com/advisories/62274

http://secunia.com/advisories/62283

http://secunia.com/advisories/62293

http://secunia.com/advisories/62304

http://secunia.com/advisories/62313

http://secunia.com/advisories/62315

http://secunia.com/advisories/62316

http://secunia.com/advisories/62418

http://secunia.com/advisories/62446

http://secunia.com/advisories/62657

http://secunia.com/advisories/62790

http://www.debian.org/security/2015/dsa-3127

http://www.debian.org/security/2015/dsa-3132

http://www.mozilla.org/security/announce/2014/mfsa2015-01.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

http://www.securityfocus.com/bid/72049

http://www.securitytracker.com/id/1031533

http://www.securitytracker.com/id/1031534

http://www.ubuntu.com/usn/USN-2460-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1109889

https://bugzilla.mozilla.org/show_bug.cgi?id=1111737

https://exchange.xforce.ibmcloud.com/vulnerabilities/99955

https://security.gentoo.org/glsa/201504-01

Details

Source: MITRE

Published: 2015-01-14

Updated: 2017-09-08

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH