Lucene search
RootSSV:61898HistoryMar 21, 2014 - 12:00 a.m.
Mozilla多个产品更新文件权限设置漏洞
2014-03-2100:00:00
Root
www.seebug.org
13
0.001 Low
EPSS
Percentile
36.9%
CVE ID:CVE-2014-1496
Mozilla Firefox/Thunderbird/SeaMonkey是Mozilla所发布的WEB浏览器和邮件/新闻组客户端。
Mozilla多个产品在升级过程中把文件展开后没有设置这些文件为只读属性,允许攻击者利用漏洞在升级过程中修改或替换这些文件。
0
Mozilla Firefox 27
Mozilla Firefox ESR 24.3
Mozilla Thunderbird 24.3
Mozilla Seamonkey 2.24
Mozilla Firefox 28,Firefox ESR 24.4,Thunderbird 24.4,Seamonkey 2.25已经修复该漏洞,建议用户下载更新:
http://www.mozilla.org
Related
prion
prion
Code injection
2014-03-19 10:55:00
cve
cve
CVE-2014-1496
2014-03-19 10:55:06
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-16) - Linux
2021-11-11 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-01 (Mar 2014) - Windows
2014-03-27 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-01 (Mar 2014) - Mac OS X
2014-03-27 00:00:00
cvelist
cvelist
CVE-2014-1496
2014-03-19 10:00:00
nvd
nvd
CVE-2014-1496
2014-03-19 10:55:06
mozilla
mozilla
Files extracted during updates are not always read only — Mozilla
2014-03-18 00:00:00
ubuntucve
ubuntucve
CVE-2014-1496
2014-03-19 00:00:00
kaspersky
kaspersky
KLA10120 Multiple vulnerabilities in Mozilla
2014-03-18 00:00:00
nessus
nessus
Thunderbird < 24.4 Multiple Vulnerabilities (Mac OS X)
2014-03-19 00:00:00
Mozilla Thunderbird < 24.4 Multiple Vulnerabilities
2014-03-19 00:00:00
Firefox ESR 24.x < 24.4 Multiple Vulnerabilities (Mac OS X)
2014-03-19 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2014-03-21 23:04:18
mageia
mageia
Updated iceape packages fix multiple vulnerabilities
2014-03-31 23:47:52
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-03-19 00:00:00
securityvulns
securityvulns
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00