Detections
Analytics

CVE-2014-1587

critical

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

https://security.gentoo.org/glsa/201504-01

https://bugzilla.mozilla.org/show_bug.cgi?id=1089207

https://bugzilla.mozilla.org/show_bug.cgi?id=1080312

https://bugzilla.mozilla.org/show_bug.cgi?id=1079729

https://bugzilla.mozilla.org/show_bug.cgi?id=1072847

https://bugzilla.mozilla.org/show_bug.cgi?id=1042567

http://www.securityfocus.com/bid/71391

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

http://www.mozilla.org/security/announce/2014/mfsa2014-83.html

http://www.debian.org/security/2014/dsa-3092

http://www.debian.org/security/2014/dsa-3090

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

Details

Source: Mitre, NVD

Published: 2014-12-11

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical