CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
90.5%
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
opensuse | evergreen | 11.4 | cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:* |
opensuse | opensuse | 12.3 | cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:* |
opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
mozilla | firefox | 30.0 | cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:* |
mozilla | firefox | 31.0 | cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:* |
mozilla | firefox_esr | 31.0 | cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:* |
mozilla | thunderbird | 31.0 | cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
secunia.com/advisories/60148
secunia.com/advisories/61114
www.mozilla.org/security/announce/2014/mfsa2014-67.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securityfocus.com/bid/69524
www.securitytracker.com/id/1030793
www.securitytracker.com/id/1030794
bugzilla.mozilla.org/show_bug.cgi?id=1022945
bugzilla.mozilla.org/show_bug.cgi?id=1027359
bugzilla.mozilla.org/show_bug.cgi?id=1033121
bugzilla.mozilla.org/show_bug.cgi?id=1035007
bugzilla.mozilla.org/show_bug.cgi?id=1037666
bugzilla.mozilla.org/show_bug.cgi?id=1041148
bugzilla.mozilla.org/show_bug.cgi?id=995075
security.gentoo.org/glsa/201504-01