Vulnerabilites related to suse - suse_linux_enterprise_software_development_kit
CVE-2015-3340 (GCVE-0-2015-3340)
Vulnerability from cvelistv5
Published
2015-04-28 14:00
Modified
2024-08-06 05:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-132.html"
},
{
"name": "FEDORA-2015-6569",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html"
},
{
"name": "SUSE-SU-2015:0923",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "74248",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74248"
},
{
"name": "1032158",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032158"
},
{
"name": "DSA-3414",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3414"
},
{
"name": "FEDORA-2015-6583",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html"
},
{
"name": "SUSE-SU-2015:0927",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "FEDORA-2015-6670",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html"
},
{
"name": "openSUSE-SU-2015:0983",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-132.html"
},
{
"name": "FEDORA-2015-6569",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html"
},
{
"name": "SUSE-SU-2015:0923",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "74248",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74248"
},
{
"name": "1032158",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032158"
},
{
"name": "DSA-3414",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3414"
},
{
"name": "FEDORA-2015-6583",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html"
},
{
"name": "SUSE-SU-2015:0927",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "FEDORA-2015-6670",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html"
},
{
"name": "openSUSE-SU-2015:0983",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-132.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-132.html"
},
{
"name": "FEDORA-2015-6569",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html"
},
{
"name": "SUSE-SU-2015:0923",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"name": "74248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74248"
},
{
"name": "1032158",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032158"
},
{
"name": "DSA-3414",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3414"
},
{
"name": "FEDORA-2015-6583",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html"
},
{
"name": "SUSE-SU-2015:0927",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "FEDORA-2015-6670",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html"
},
{
"name": "openSUSE-SU-2015:0983",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3340",
"datePublished": "2015-04-28T14:00:00",
"dateReserved": "2015-04-20T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1864 (GCVE-0-2013-1864)
Vulnerability from cvelistv5
Published
2014-05-23 14:00
Modified
2024-08-06 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:35.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58520"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1864",
"datePublished": "2014-05-23T14:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:35.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1487 (GCVE-0-2014-1487)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "65330",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65330"
},
{
"name": "mozilla-cve20141487-info-disc(90889)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "102873",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102873"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "65330",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65330"
},
{
"name": "mozilla-cve20141487-info-disc(90889)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "102873",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102873"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "65330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65330"
},
{
"name": "mozilla-cve20141487-info-disc(90889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "102873",
"refsource": "OSVDB",
"url": "http://osvdb.org/102873"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1487",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5830 (GCVE-0-2012-5830)
Vulnerability from cvelistv5
Published
2012-11-21 11:00
Modified
2024-08-06 21:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:26.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1638-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1638-3"
},
{
"name": "51370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51370"
},
{
"name": "USN-1638-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1638-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228"
},
{
"name": "openSUSE-SU-2012:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
},
{
"name": "USN-1636-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1636-1"
},
{
"name": "openSUSE-SU-2013:0175",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
},
{
"name": "RHSA-2012:1483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
},
{
"name": "firefox-html-file-code-execution(80183)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183"
},
{
"name": "RHSA-2012:1482",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
},
{
"name": "51434",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51434"
},
{
"name": "openSUSE-SU-2012:1583",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
},
{
"name": "51439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51439"
},
{
"name": "51440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51440"
},
{
"name": "USN-1638-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1638-1"
},
{
"name": "SUSE-SU-2012:1592",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
},
{
"name": "51359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51359"
},
{
"name": "openSUSE-SU-2012:1585",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
},
{
"name": "51381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51381"
},
{
"name": "87598",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/87598"
},
{
"name": "51369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51369"
},
{
"name": "51360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-1638-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1638-3"
},
{
"name": "51370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51370"
},
{
"name": "USN-1638-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1638-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228"
},
{
"name": "openSUSE-SU-2012:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
},
{
"name": "USN-1636-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1636-1"
},
{
"name": "openSUSE-SU-2013:0175",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
},
{
"name": "RHSA-2012:1483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
},
{
"name": "firefox-html-file-code-execution(80183)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183"
},
{
"name": "RHSA-2012:1482",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
},
{
"name": "51434",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51434"
},
{
"name": "openSUSE-SU-2012:1583",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
},
{
"name": "51439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51439"
},
{
"name": "51440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51440"
},
{
"name": "USN-1638-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1638-1"
},
{
"name": "SUSE-SU-2012:1592",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
},
{
"name": "51359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51359"
},
{
"name": "openSUSE-SU-2012:1585",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
},
{
"name": "51381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51381"
},
{
"name": "87598",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/87598"
},
{
"name": "51369",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51369"
},
{
"name": "51360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1638-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1638-3"
},
{
"name": "51370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51370"
},
{
"name": "USN-1638-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1638-2"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228"
},
{
"name": "openSUSE-SU-2012:1586",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
},
{
"name": "USN-1636-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1636-1"
},
{
"name": "openSUSE-SU-2013:0175",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
},
{
"name": "RHSA-2012:1483",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
},
{
"name": "firefox-html-file-code-execution(80183)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183"
},
{
"name": "RHSA-2012:1482",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
},
{
"name": "51434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51434"
},
{
"name": "openSUSE-SU-2012:1583",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
},
{
"name": "51439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51439"
},
{
"name": "51440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51440"
},
{
"name": "USN-1638-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1638-1"
},
{
"name": "SUSE-SU-2012:1592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
},
{
"name": "51359",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51359"
},
{
"name": "openSUSE-SU-2012:1585",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
},
{
"name": "51381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51381"
},
{
"name": "87598",
"refsource": "OSVDB",
"url": "http://osvdb.org/87598"
},
{
"name": "51369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51369"
},
{
"name": "51360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5830",
"datePublished": "2012-11-21T11:00:00",
"dateReserved": "2012-11-05T00:00:00",
"dateUpdated": "2024-08-06T21:21:26.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1508 (GCVE-0-2014-1508)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66426",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66426"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66426",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66426"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66426",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66426"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1508",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1514 (GCVE-0-2014-1514)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344"
},
{
"name": "66240",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66240"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344"
},
{
"name": "66240",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66240"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344"
},
{
"name": "66240",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66240"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1514",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0439 (GCVE-0-2015-0439)
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "74085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74085"
},
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "74085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74085"
},
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74085"
},
{
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0439",
"datePublished": "2015-04-16T16:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8845 (GCVE-0-2015-8845)
Vulnerability from cvelistv5
Published
2016-04-27 17:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:22.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/13/1"
},
{
"name": "RHSA-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"name": "1035594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/13/1"
},
{
"name": "RHSA-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"name": "1035594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1690",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
},
{
"name": "openSUSE-SU-2016:2184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/13/1"
},
{
"name": "RHSA-2016:2584",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"name": "1035594",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035594"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"name": "SUSE-SU-2016:2105",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"name": "SUSE-SU-2016:1937",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8845",
"datePublished": "2016-04-27T17:00:00",
"dateReserved": "2016-04-13T00:00:00",
"dateUpdated": "2024-08-06T08:29:22.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5609 (GCVE-0-2013-5609)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-5609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382"
},
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html"
},
{
"name": "RHSA-2013:1812",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-5609",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-08-26T00:00:00",
"dateUpdated": "2024-08-06T17:15:21.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1497 (GCVE-0-2014-1497)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66423",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66423"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "66423",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66423"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66423",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66423"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1497",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5753 (GCVE-0-2017-5753)
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2024-09-16 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Most Modern Operating Systems |
Version: All |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3540-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "USN-3597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "USN-3580-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "openSUSE-SU-2018:0022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "VU#584653",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"name": "USN-3549-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://spectreattack.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "102371",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102371"
},
{
"name": "USN-3597-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "USN-3540-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "USN-3541-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"name": "USN-3541-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"name": "USN-3542-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "openSUSE-SU-2018:0023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Most Modern Operating Systems",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-19T17:48:07",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3540-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "USN-3597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "USN-3580-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "openSUSE-SU-2018:0022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "VU#584653",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"name": "USN-3549-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://spectreattack.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "102371",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102371"
},
{
"name": "USN-3597-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "USN-3540-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "USN-3541-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"name": "USN-3541-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"name": "USN-3542-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "openSUSE-SU-2018:0023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-01-03T00:00:00",
"ID": "CVE-2017-5753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Most Modern Operating Systems",
"version": {
"version_data": [
{
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3540-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "USN-3597-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html",
"refsource": "MISC",
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2018-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "USN-3580-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"name": "https://support.f5.com/csp/article/K91229003",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "openSUSE-SU-2018:0022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "DSA-4188",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-254.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180104-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_01",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"name": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
"refsource": "CONFIRM",
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "VU#584653",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2018-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"name": "USN-3549-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"name": "https://support.citrix.com/article/CTX231399",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX231399"
},
{
"name": "https://spectreattack.com/",
"refsource": "MISC",
"url": "https://spectreattack.com/"
},
{
"name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/",
"refsource": "CONFIRM",
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/",
"refsource": "CONFIRM",
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "102371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102371"
},
{
"name": "USN-3597-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "USN-3540-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "USN-3541-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"name": "USN-3541-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"name": "USN-3542-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html",
"refsource": "MISC",
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-18282",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "openSUSE-SU-2018:0023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "https://cdrdv2.intel.com/v1/dl/getContent/685359",
"refsource": "CONFIRM",
"url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5753",
"datePublished": "2018-01-04T13:00:00Z",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-09-16T22:24:53.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1496 (GCVE-0-2014-1496)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1496",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5618 (GCVE-0-2013-5618)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-5618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html"
},
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-5618",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-08-26T00:00:00",
"dateUpdated": "2024-08-06T17:15:21.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1511 (GCVE-0-2014-1511)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66207",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66207"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "66207",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66207"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66207"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1511",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0500 (GCVE-0-2015-0500)
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "74081",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74081"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201507-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032121"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "74081",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74081"
},
{
"name": "SUSE-SU-2015:0946",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name": "1032121",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "74081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74081"
},
{
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0500",
"datePublished": "2015-04-16T16:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5615 (GCVE-0-2013-5615)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-5615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-5615",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-08-26T00:00:00",
"dateUpdated": "2024-08-06T17:15:21.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3951 (GCVE-0-2016-3951)
Vulnerability from cvelistv5
Published
2016-05-02 10:00
Modified
2024-08-06 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3004-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3004-1"
},
{
"name": "USN-3001-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3001-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "SUSE-SU-2016:1696",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782"
},
{
"name": "USN-3021-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3021-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "USN-3000-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3000-1"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "91028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91028"
},
{
"name": "1036763",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name": "USN-3002-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3002-1"
},
{
"name": "USN-3021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3021-1"
},
{
"name": "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/06/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "USN-2989-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2989-1"
},
{
"name": "[netdev] 20160304 Re: Possible double-free in the usbnet driver",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.spinics.net/lists/netdev/msg367669.html"
},
{
"name": "openSUSE-SU-2016:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"name": "USN-3003-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3003-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "USN-2998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2998-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3004-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3004-1"
},
{
"name": "USN-3001-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3001-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "SUSE-SU-2016:1696",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782"
},
{
"name": "USN-3021-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3021-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "USN-3000-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3000-1"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "91028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91028"
},
{
"name": "1036763",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name": "USN-3002-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3002-1"
},
{
"name": "USN-3021-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3021-1"
},
{
"name": "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/06/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "USN-2989-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2989-1"
},
{
"name": "[netdev] 20160304 Re: Possible double-free in the usbnet driver",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.spinics.net/lists/netdev/msg367669.html"
},
{
"name": "openSUSE-SU-2016:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"name": "USN-3003-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3003-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "USN-2998-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2998-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1690",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3004-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3004-1"
},
{
"name": "USN-3001-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3001-1"
},
{
"name": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "SUSE-SU-2016:1696",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782"
},
{
"name": "USN-3021-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3021-2"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "SUSE-SU-2016:1764",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "USN-3000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3000-1"
},
{
"name": "DSA-3607",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "91028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91028"
},
{
"name": "1036763",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name": "USN-3002-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3002-1"
},
{
"name": "USN-3021-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3021-1"
},
{
"name": "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/06/4"
},
{
"name": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"name": "USN-2989-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2989-1"
},
{
"name": "[netdev] 20160304 Re: Possible double-free in the usbnet driver",
"refsource": "MLIST",
"url": "https://www.spinics.net/lists/netdev/msg367669.html"
},
{
"name": "openSUSE-SU-2016:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"name": "USN-3003-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3003-1"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"name": "USN-2998-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2998-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3951",
"datePublished": "2016-05-02T10:00:00",
"dateReserved": "2016-04-05T00:00:00",
"dateUpdated": "2024-08-06T00:10:31.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1481 (GCVE-0-2014-1481)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "65326",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65326"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "102863",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102863"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "firefox-cve20141481-sec-bypass(90883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "65326",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65326"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "102863",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102863"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "firefox-cve20141481-sec-bypass(90883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "65326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65326"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "102863",
"refsource": "OSVDB",
"url": "http://osvdb.org/102863"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "firefox-cve20141481-sec-bypass(90883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1481",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1477 (GCVE-0-2014-1477)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896"
},
{
"name": "firefox-cve20141477-code-exec(90899)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "65317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470"
},
{
"name": "102864",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102864"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896"
},
{
"name": "firefox-cve20141477-code-exec(90899)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "65317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470"
},
{
"name": "102864",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102864"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896"
},
{
"name": "firefox-cve20141477-code-exec(90899)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "65317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65317"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470"
},
{
"name": "102864",
"refsource": "OSVDB",
"url": "http://osvdb.org/102864"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1477",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6673 (GCVE-0-2013-6673)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "64213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64213"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "64213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64213"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-6673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "64213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64213"
},
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-6673",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-11-05T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5244 (GCVE-0-2016-5244)
Vulnerability from cvelistv5
Published
2016-06-27 10:00
Modified
2024-08-06 00:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:48.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"name": "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/03/5"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/629110/"
},
{
"name": "USN-3070-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"name": "1041895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041895"
},
{
"name": "openSUSE-SU-2016:1641",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"name": "91021",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91021"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "USN-3070-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"name": "SUSE-SU-2016:1672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337"
},
{
"name": "USN-3071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3071-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "USN-3070-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "USN-3072-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3072-2"
},
{
"name": "USN-3072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3072-1"
},
{
"name": "USN-3071-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3071-2"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3070-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"name": "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/03/5"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/629110/"
},
{
"name": "USN-3070-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"name": "1041895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041895"
},
{
"name": "openSUSE-SU-2016:1641",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"name": "91021",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91021"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "USN-3070-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"name": "SUSE-SU-2016:1672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337"
},
{
"name": "USN-3071-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3071-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "USN-3070-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "USN-3072-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3072-2"
},
{
"name": "USN-3072-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3072-1"
},
{
"name": "USN-3071-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3071-2"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "SUSE-SU-2016:1690",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "USN-3070-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"name": "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/03/5"
},
{
"name": "SUSE-SU-2016:1985",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "openSUSE-SU-2016:2184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "https://patchwork.ozlabs.org/patch/629110/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/629110/"
},
{
"name": "USN-3070-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"name": "1041895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041895"
},
{
"name": "openSUSE-SU-2016:1641",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"name": "91021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91021"
},
{
"name": "DSA-3607",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"name": "USN-3070-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"name": "SUSE-SU-2016:1672",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337"
},
{
"name": "USN-3071-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3071-1"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "USN-3070-4",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"name": "SUSE-SU-2016:2105",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "USN-3072-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3072-2"
},
{
"name": "USN-3072-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3072-1"
},
{
"name": "USN-3071-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3071-2"
},
{
"name": "SUSE-SU-2016:1937",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5244",
"datePublished": "2016-06-27T10:00:00",
"dateReserved": "2016-06-03T00:00:00",
"dateUpdated": "2024-08-06T00:53:48.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1509 (GCVE-0-2014-1509)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66425"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "66425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66425"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1509",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66425"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1509",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1483 (GCVE-0-2014-1483)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427"
},
{
"name": "65316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65316"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "firefox-cve20141483-info-disc(90893)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"
},
{
"name": "102869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102869"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427"
},
{
"name": "65316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65316"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "firefox-cve20141483-info-disc(90893)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"
},
{
"name": "102869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102869"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427"
},
{
"name": "65316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65316"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "firefox-cve20141483-info-disc(90893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"
},
{
"name": "102869",
"refsource": "OSVDB",
"url": "http://osvdb.org/102869"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1483",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6671 (GCVE-0-2013-6671)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "64212",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64212"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "64212",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64212"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-6671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "64212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64212"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html"
},
{
"name": "RHSA-2013:1812",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-6671",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-11-05T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1493 (GCVE-0-2014-1493)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268"
},
{
"name": "66412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66412"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268"
},
{
"name": "66412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66412"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268"
},
{
"name": "66412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66412"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1493",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5616 (GCVE-0-2013-5616)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-5616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-5616",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-08-26T00:00:00",
"dateUpdated": "2024-08-06T17:15:21.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1510 (GCVE-0-2014-1510)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66206"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66206"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "66206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66206"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1510",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5613 (GCVE-0-2013-5613)
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html"
},
{
"name": "openSUSE-SU-2013:1958",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381"
},
{
"name": "openSUSE-SU-2013:1957",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449"
},
{
"name": "openSUSE-SU-2013:1917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2013-5613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html"
},
{
"name": "openSUSE-SU-2013:1958",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"name": "SUSE-SU-2013:1919",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381"
},
{
"name": "openSUSE-SU-2013:1957",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"name": "FEDORA-2013-23127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"name": "FEDORA-2013-23519",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"name": "1029470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029470"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449"
},
{
"name": "openSUSE-SU-2013:1917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"name": "openSUSE-SU-2013:1959",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2013:1916",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"name": "openSUSE-SU-2014:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"name": "1029476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029476"
},
{
"name": "openSUSE-SU-2013:1918",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"name": "FEDORA-2013-23291",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"name": "USN-2052-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"name": "RHSA-2013:1812",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"name": "USN-2053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"name": "FEDORA-2013-23295",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2013-5613",
"datePublished": "2013-12-11T15:00:00",
"dateReserved": "2013-08-26T00:00:00",
"dateUpdated": "2024-08-06T17:15:21.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1479 (GCVE-0-2014-1479)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "firefox-cve20141479-sec-bypass(90898)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898"
},
{
"name": "102866",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102866"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "65320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65320"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "firefox-cve20141479-sec-bypass(90898)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898"
},
{
"name": "102866",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102866"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "65320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65320"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "firefox-cve20141479-sec-bypass(90898)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898"
},
{
"name": "102866",
"refsource": "OSVDB",
"url": "http://osvdb.org/102866"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "65320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65320"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1479",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4419 (GCVE-0-2013-4419)
Vulnerability from cvelistv5
Published
2013-11-05 20:00
Modified
2024-08-06 16:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1536",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1536.html"
},
{
"name": "55813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55813"
},
{
"name": "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish\u0027s network socket",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960"
},
{
"name": "SUSE-SU-2013:1626",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-07T20:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1536",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1536.html"
},
{
"name": "55813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55813"
},
{
"name": "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish\u0027s network socket",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960"
},
{
"name": "SUSE-SU-2013:1626",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1536",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1536.html"
},
{
"name": "55813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55813"
},
{
"name": "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish\u0027s network socket",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960"
},
{
"name": "SUSE-SU-2013:1626",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4419",
"datePublished": "2013-11-05T20:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:45:14.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1513 (GCVE-0-2014-1513)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "66203",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66203"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "66203",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66203"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "66203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66203"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1513",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1512 (GCVE-0-2014-1512)
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html"
},
{
"name": "66209",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
},
{
"name": "RHSA-2014:0310",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957"
},
{
"name": "DSA-2911",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html"
},
{
"name": "66209",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
},
{
"name": "RHSA-2014:0310",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957"
},
{
"name": "DSA-2911",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "SUSE-SU-2014:0418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "USN-2151-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"name": "DSA-2881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "RHSA-2014:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"name": "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html"
},
{
"name": "66209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1512",
"datePublished": "2014-03-19T10:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1486 (GCVE-0-2014-1486)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"refsource": "OSVDB",
"url": "http://osvdb.org/102872"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1486",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1482 (GCVE-0-2014-1482)
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:35.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102868"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "firefox-cve20141482-code-exec(90894)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
},
{
"name": "65328",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65328"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "firefox-cve20141482-code-exec(90894)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
},
{
"name": "65328",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65328"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102868",
"refsource": "OSVDB",
"url": "http://osvdb.org/102868"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "firefox-cve20141482-code-exec(90894)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
},
{
"name": "65328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65328"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1482",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:35.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4854 (GCVE-0-2013-4854)
Vulnerability from cvelistv5
Published
2013-07-26 23:00
Modified
2024-08-06 16:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:39.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-13863",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2013-13863",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-13863",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "https://kb.isc.org/article/AA-01015",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1244",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"name": "https://kb.isc.org/article/AA-01016",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052",
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4854",
"datePublished": "2013-07-26T23:00:00",
"dateReserved": "2013-07-16T00:00:00",
"dateUpdated": "2024-08-06T16:59:39.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | Third Party Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/74085 | ||
| secalert_us@oracle.com | http://www.securitytracker.com/id/1032121 | ||
| secalert_us@oracle.com | https://security.gentoo.org/glsa/201507-19 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74085 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032121 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201507-19 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux_enterprise_desktop | 11 | |
| novell | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| oracle | mysql | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BD55EF8A-A5D3-4800-9737-3C4D63FF8058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "623DB4CD-8CB3-445A-B9B5-1238CF195235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "103582CB-029E-4201-B391-897B49BE8DDD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88026F8E-06D9-4B34-89CF-C01E2486961D",
"versionEndIncluding": "5.6.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Server : InnoDB, una vulnerabilidad diferente a CVE-2015-4756."
}
],
"id": "CVE-2015-0439",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T16:59:04.577",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/74085"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-19"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-05 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1536.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/55813 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1016960 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1536.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55813 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1016960 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libguestfs | libguestfs | * | |
| libguestfs | libguestfs | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux_enterprise_server | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDCD7E8-EB02-4686-8217-017306C55D52",
"versionEndIncluding": "1.20.12",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78562C81-E443-418F-BD73-29CA55F6F098",
"versionEndIncluding": "1.22.7",
"versionStartIncluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "623DB4CD-8CB3-445A-B9B5-1238CF195235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance."
},
{
"lang": "es",
"value": "El comando guestfish en libguestfs 1.20.12, 1.22.7 y anteriores versiones, cuando se usa la opci\u00f3n --remote o --listen, no comprueba adecuadamente la propiedad de /tmp/.guestfish-$UID/ al crear un archivo de socket temporal en este directorio, lo que permite a usuarios locales escribir en el socket y ejecutar comandos arbitrarios mediante la creaci\u00f3n de /tmp/.guestfish-$UID/ por adelantado."
}
],
"id": "CVE-2013-4419",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.2,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-05T20:55:29.397",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1536.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55813"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1536.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1016960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-29 13:59
Modified
2025-04-11 00:51
Severity ?
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html | ||
| cve@mitre.org | http://linux.oracle.com/errata/ELSA-2014-1244 | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html | Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html | Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html | Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html | Vendor Advisory | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2013-1114.html | Vendor Advisory | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2013-1115.html | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54134 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54185 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54207 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54211 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54323 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/54432 | Vendor Advisory | |
| cve@mitre.org | http://www.debian.org/security/2013/dsa-2728 | ||
| cve@mitre.org | http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc | Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2013:202 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/61479 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1028838 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1910-1 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-13-210/ | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/86004 | ||
| cve@mitre.org | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 | Vendor Advisory | |
| cve@mitre.org | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 | Vendor Advisory | |
| cve@mitre.org | https://kb.isc.org/article/AA-01015 | Vendor Advisory | |
| cve@mitre.org | https://kb.isc.org/article/AA-01016 | Vendor Advisory | |
| cve@mitre.org | https://kc.mcafee.com/corporate/index?page=content&id=SB10052 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561 | ||
| cve@mitre.org | https://support.apple.com/kb/HT6536 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2014-1244 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1114.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1115.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54134 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54185 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54207 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54211 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54323 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/54432 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2013/dsa-2728 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:202 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/61479 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1028838 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1910-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-13-210/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/86004 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/article/AA-01015 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/article/AA-01016 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10052 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/kb/HT6536 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.0 | |
| isc | bind | 9.7.1 | |
| isc | bind | 9.7.1 | |
| isc | bind | 9.7.1 | |
| isc | bind | 9.7.1 | |
| isc | bind | 9.7.2 | |
| isc | bind | 9.7.2 | |
| isc | bind | 9.7.2 | |
| isc | bind | 9.7.2 | |
| isc | bind | 9.7.2 | |
| isc | bind | 9.7.3 | |
| isc | bind | 9.7.3 | |
| isc | bind | 9.7.3 | |
| isc | bind | 9.7.3 | |
| isc | bind | 9.7.4 | |
| isc | bind | 9.7.4 | |
| isc | bind | 9.7.4 | |
| isc | bind | 9.7.4 | |
| isc | bind | 9.7.5 | |
| isc | bind | 9.7.5 | |
| isc | bind | 9.7.5 | |
| isc | bind | 9.7.5 | |
| isc | bind | 9.7.6 | |
| isc | bind | 9.7.6 | |
| isc | bind | 9.7.6 | |
| isc | bind | 9.7.7 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux | 11 | |
| novell | suse_linux | 11 | |
| isc | dnsco_bind | 9.9.3 | |
| isc | dnsco_bind | 9.9.4 | |
| opensuse | opensuse | 11.4 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.2 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| freebsd | freebsd | 8.0 | |
| freebsd | freebsd | 8.1 | |
| freebsd | freebsd | 8.2 | |
| freebsd | freebsd | 8.3 | |
| freebsd | freebsd | 8.4 | |
| freebsd | freebsd | 9.0 | |
| freebsd | freebsd | 9.1 | |
| freebsd | freebsd | 9.1 | |
| freebsd | freebsd | 9.1 | |
| freebsd | freebsd | 9.2 | |
| freebsd | freebsd | 9.2 | |
| freebsd | freebsd | 9.2 | |
| mandriva | business_server | 1.0 | |
| mandriva | enterprise_server | 5.0 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.4 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.5 | |
| isc | bind | 9.8.6 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| hp | hp-ux | b.11.31 | |
| slackware | slackware_linux | 12.1 | |
| slackware | slackware_linux | 12.2 | |
| slackware | slackware_linux | 13.0 | |
| slackware | slackware_linux | 13.1 | |
| slackware | slackware_linux | 13.37 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B178BB5-A0DC-4014-A8CC-D89B0E2F9789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "1BE753CB-A16D-4605-8640-137CD4A2BB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "5B5F1155-78D6-480B-BC0A-1D36B08D2594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "A11247D0-A33E-4CE5-910A-F38B89C63EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E9478F4E-451D-4B4E-8054-E09522F97C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "87393BF8-9FE3-4501-94CA-A1AA9E38E771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC642B5-ACA4-4764-A9F2-3C87D5D8E9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "A16CE093-38E0-4274-AD53-B807DE72AF91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "2FB97DEB-A0A4-458C-A94B-46B7264AB0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BFDF6597-7131-4080-BCFC-46032138646C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "881B8C5B-8A66-45AC-85E6-758B8A8153BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E2D144E-6A15-4B45-8B15-15B60FB33D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "B5690EC8-66C9-4316-BEAB-C218843F7FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "FBF13572-C341-4FB1-BAFD-AF8F0C5EF510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B1D9F9C-54C2-485F-9B66-4AEA0573BC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "423211E8-A08B-4254-977A-1917AED9B794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "3ABE2712-33E9-45EE-890C-E9FC51D19B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "BD79961B-508F-4A20-AD4D-D766DFB928E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5E5510BF-3D22-49DA-A4C6-2D6204EB37C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1BC4C7-F72B-43DB-B729-018360F4B281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "DB36BD1D-A6AB-4BC8-94C0-FA662622FF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "DFF83126-E2C8-4156-9C28-7E3005A74E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97D011B3-D9F3-4BC2-9695-A842148EA6BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC43BF9-5C34-4DF1-846A-E416DE9C7DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "ADD24439-71B4-41AC-85D4-56511445051C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B063AE57-D426-4565-B2D9-ACDB0C16C78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CCEA5F9A-A308-4573-BBEB-6B210A61D943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D13D4E84-04EB-4843-A1C4-E3265D1DAC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "434AA05B-1A22-474B-BEA3-CACAD78955F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "E434E995-F554-45A7-A907-EE2725727B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC599FF2-080F-4545-BA31-6F431AA558AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78BEBD36-7BD1-4686-BF9A-60B85EBF6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux:11:*:desktop:*:*:*:*:*",
"matchCriteriaId": "1F04848C-31A0-41DF-815D-C200625D8B2C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*",
"matchCriteriaId": "09D8D0FB-C49A-44AA-B95E-DD82D870A242",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "0AD242CA-7077-4D79-B399-C3517921E814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*",
"matchCriteriaId": "23EF52C0-4E1B-4B50-9AF2-39FA3ABEB4F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B96B87-F18C-41EF-9A37-7D0842433A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "AFA1AA14-4D4A-45D0-9573-D53C0FFFFF78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "F5DE1274-F7A1-4F12-A4F5-1CB1DD5B84E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "401A7E61-AC3D-417D-97B8-E5E736DC6FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "C7C37F7D-DD28-4C70-A534-A3F434DF4273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "B2EC1F99-85C1-4081-A118-790111741246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85D6C9B7-9D5D-4589-AC83-E6ECB535EBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "043A5E3F-529B-4A9A-8531-184EE6D1942D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "673057D5-256C-4933-B56F-4BF8848323F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "C2CE371B-E399-4D74-B46C-3606E4BDA53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3798A1-134C-4066-A012-10C15F103EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "9CA1AEBE-040C-483A-9850-7DA888FF8075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "B9A33F04-3240-4268-B613-C4876770A30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "9BE322FB-CC6F-46BA-861C-74C16D7FC791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*",
"matchCriteriaId": "9C322F95-B13A-4495-A87E-9295C0169DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "C267AE8E-A71A-4AE4-BF93-86C43924E477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38A3F698-5E6C-40AC-9DC6-FF7478E0440C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C7E1293E-82F4-4401-B3AA-7CB73761E163",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF1F9EF-01AF-4708-AE02-765360AF3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5ECA1A-D9B4-4ED7-95EC-684E7AA2B765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30C501A1-FE2D-41E7-A5DB-C61D8701B9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D78E559A-430D-4D50-8A83-58A37D393471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*",
"matchCriteriaId": "DD6B2A2E-6E8C-40D7-B29F-1FC9E8B1076B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*",
"matchCriteriaId": "0ADB3AF3-5E13-4EC3-AE3C-128DF51E1DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*",
"matchCriteriaId": "213ECCF5-4FE2-4FE8-B84E-A1C9AA98F1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C52A912B-E7C6-484A-8E15-8208C97B8CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D4B097BE-2CA1-4236-AB8F-1151FCC845A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2916CC4D-4C4D-4232-AA24-90458181EC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0175F23D-071B-4791-9349-C85ABB37BF50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "811D03B2-96A8-47F9-80BE-54228A4108EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "B3D4393C-1151-49F9-963B-B6FD88E93814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "25855A5C-302F-4A82-AEC1-8C4C9CB70362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "03E68ACA-0288-4EE5-9250-54711B2E6670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "8D717D3D-F4BF-470B-AC2B-D1234A7303EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "66D259B7-4F9E-43B2-BB1D-3B097D3CDB28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "FCC604FD-A834-4BA7-B1E2-1FCB6A583204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*",
"matchCriteriaId": "479D3C6C-1FD7-4DBE-A841-4B58400A89F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*",
"matchCriteriaId": "BAF29160-63C2-40D0-BE08-3C8181CD5092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "8DAA3942-0979-4D33-BD52-EF7F0403DFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39D75F93-B6A7-4D25-8147-25F7F867E5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "B046CE1D-03E1-462F-9762-9269E59BD554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DAC9049D-6284-40F7-9E97-596FEDF9EEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "10D06B47-911B-4095-ABD2-DDD38E6306F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59428551-218B-4C32-982F-DCDC894E2954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "961E22DC-1467-4A0C-9450-A2E047FCFCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "DF77CAF5-A8D6-4479-9C4D-A698D26BDC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD318FF1-320B-4311-AF7E-988C023B4938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCC8861-0655-4180-A083-1516AC441A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E6ABE-B1CB-4603-AFC8-BB7BE1AD96B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*",
"matchCriteriaId": "C8FC8393-5812-4032-A458-80C01248B18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "8DEC5C59-44A6-4B48-A84F-22C080CBE5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "87BAA6BD-4677-451B-B012-F3FF6C95B369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0E52B0E7-9392-4B08-906F-C47C5CA41044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*",
"matchCriteriaId": "BD8E5645-EAE9-43A5-8845-229C403BF93B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E752F93D-ED2E-4458-A12E-47EE62C8DCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F56191B9-387B-4850-BA5F-F73D6AFEFE72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7547FBB1-AFE8-4DCB-9B6D-0EB719D26FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64DF28B6-C9FE-44AD-9D09-2F154819AFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1A153230-E0BE-4323-AC73-44E8DCD14A1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
},
{
"lang": "es",
"value": "La implementaci\u00f3n RFC en rdata.c en ISC BIND 9.7.x y 9.8.x anterior a 9.8.5-P2, 9.8.6b1, 9.9.x anterior a 9.9.3-P2, y 9.9.4b1, y DNSco BIND 9.9.3-S1 anterior a 9.9.3-S1-P1 y 9.9.4-S1b1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y salida de demonio) a trav\u00e9s de una petici\u00f3n con una secci\u00f3n RDATA manipulada que se maneja adecuadamente durante la contrucci\u00f3n de mensaje de log. Ha sido explotada \"in the wild\" en Julio de 2013."
}
],
"id": "CVE-2013-4854",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-29T13:59:37.537",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "cve@mitre.org",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54134"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54185"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54207"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54211"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54323"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54432"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT6536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT6536"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-28 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2015/dsa-3414 | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/74248 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1032158 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-132.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201604-03 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3414 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74248 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032158 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-132.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201604-03 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.2.4 | |
| xen | xen | 4.2.5 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.3.2 | |
| xen | xen | 4.3.3 | |
| xen | xen | 4.3.4 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.4.2 | |
| xen | xen | 4.5.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37148A72-BE20-45C5-8589-2309ED84D08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB736B4C-325A-4B27-8C8A-15E60B8A8C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F30B5EF5-0AE8-420B-A103-B1B25A372F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F784EF07-DBEC-492A-A0F4-F9F7B2551A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "777F6902-6EFA-482A-9A17-48DA5BDDB9CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "7F622F0E-8D17-47E8-8F3C-A640C21544E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request."
},
{
"lang": "es",
"value": "Xen 4.2.x hasta 4.5.x no inicializa ciertos campos, lo que permite a ciertos dominios de servicio remotos obtener informaci\u00f3n sensible de la memoria a trav\u00e9s de una solicitud (1) XEN_DOMCTL_gettscinfo o (2) XEN_SYSCTL_getdomaininfolist."
}
],
"id": "CVE-2015-3340",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-28T14:59:02.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3414"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74248"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032158"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-132.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-111.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/64212 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=930281 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-111.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/64212 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=930281 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:-:*:*:*",
"matchCriteriaId": "A3E8BD00-CF9C-404F-A25C-8917A001A6D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements."
},
{
"lang": "es",
"value": "L funci\u00f3n nsGfxScrollFrameInner::IsLTR en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anteriores a 24.2, Thunderbird anteriores a 24.2, y SeaMonkey anteriores a 2.23 permite a atacantes remotos ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s del uso de c\u00f3digo JavaScript manipulado para listas ordenadas de elementos."
}
],
"id": "CVE-2013-6671",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:13.120",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64212"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-04 13:29
Modified
2025-01-14 19:29
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html | Mailing List, Third Party Advisory | |
| secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html | Mailing List, Third Party Advisory | |
| secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html | Mailing List, Third Party Advisory | |
| secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html | Mailing List, Third Party Advisory | |
| secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html | Mailing List, Third Party Advisory | |
| secure@intel.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4609 | Third Party Advisory | |
| secure@intel.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4611 | Third Party Advisory | |
| secure@intel.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4613 | Third Party Advisory | |
| secure@intel.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4614 | Third Party Advisory | |
| secure@intel.com | http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html | Exploit, Third Party Advisory, VDB Entry | |
| secure@intel.com | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt | Third Party Advisory | |
| secure@intel.com | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt | Third Party Advisory | |
| secure@intel.com | http://www.kb.cert.org/vuls/id/584653 | Third Party Advisory, US Government Resource | |
| secure@intel.com | http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | Patch, Third Party Advisory | |
| secure@intel.com | http://www.securityfocus.com/bid/102371 | Third Party Advisory, VDB Entry | |
| secure@intel.com | http://www.securitytracker.com/id/1040071 | Third Party Advisory, VDB Entry | |
| secure@intel.com | http://xenbits.xen.org/xsa/advisory-254.html | Third Party Advisory | |
| secure@intel.com | https://access.redhat.com/errata/RHSA-2018:0292 | Third Party Advisory | |
| secure@intel.com | https://access.redhat.com/security/vulnerabilities/speculativeexecution | Third Party Advisory | |
| secure@intel.com | https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/ | Third Party Advisory | |
| secure@intel.com | https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ | Third Party Advisory | |
| secure@intel.com | https://cdrdv2.intel.com/v1/dl/getContent/685359 | Vendor Advisory | |
| secure@intel.com | https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf | Third Party Advisory | |
| secure@intel.com | https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf | Third Party Advisory | |
| secure@intel.com | https://cert.vde.com/en-us/advisories/vde-2018-002 | Third Party Advisory | |
| secure@intel.com | https://cert.vde.com/en-us/advisories/vde-2018-003 | Third Party Advisory | |
| secure@intel.com | https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability | Third Party Advisory | |
| secure@intel.com | https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html | Third Party Advisory | |
| secure@intel.com | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 | Patch, Third Party Advisory, Vendor Advisory | |
| secure@intel.com | https://seclists.org/bugtraq/2019/Jun/36 | Issue Tracking, Mailing List, Third Party Advisory | |
| secure@intel.com | https://security.gentoo.org/glsa/201810-06 | Third Party Advisory | |
| secure@intel.com | https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html | Third Party Advisory | |
| secure@intel.com | https://security.netapp.com/advisory/ntap-20180104-0001/ | Third Party Advisory | |
| secure@intel.com | https://spectreattack.com/ | Technical Description, Third Party Advisory | |
| secure@intel.com | https://support.citrix.com/article/CTX231399 | Third Party Advisory | |
| secure@intel.com | https://support.f5.com/csp/article/K91229003 | Third Party Advisory | |
| secure@intel.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us | Third Party Advisory | |
| secure@intel.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us | Third Party Advisory | |
| secure@intel.com | https://support.lenovo.com/us/en/solutions/LEN-18282 | Third Party Advisory | |
| secure@intel.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3540-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3540-2/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3541-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3541-2/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3542-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3542-2/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3549-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3580-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3597-1/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/3597-2/ | Third Party Advisory | |
| secure@intel.com | https://usn.ubuntu.com/usn/usn-3516-1/ | Third Party Advisory | |
| secure@intel.com | https://www.debian.org/security/2018/dsa-4187 | Third Party Advisory | |
| secure@intel.com | https://www.debian.org/security/2018/dsa-4188 | Third Party Advisory | |
| secure@intel.com | https://www.exploit-db.com/exploits/43427/ | Exploit, Third Party Advisory, VDB Entry | |
| secure@intel.com | https://www.kb.cert.org/vuls/id/180049 | Third Party Advisory, US Government Resource | |
| secure@intel.com | https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001 | Third Party Advisory | |
| secure@intel.com | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory | |
| secure@intel.com | https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/ | Third Party Advisory | |
| secure@intel.com | https://www.synology.com/support/security/Synology_SA_18_01 | Third Party Advisory | |
| secure@intel.com | https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4609 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4611 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4613 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4614 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/584653 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102371 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040071 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-254.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0292 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/vulnerabilities/speculativeexecution | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cdrdv2.intel.com/v1/dl/getContent/685359 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en-us/advisories/vde-2018-002 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en-us/advisories/vde-2018-003 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 | Patch, Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/36 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201810-06 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180104-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://spectreattack.com/ | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX231399 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K91229003 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-18282 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3540-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3540-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3541-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3541-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3542-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3542-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3549-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3580-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3597-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3597-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/usn/usn-3516-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4187 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4188 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/43427/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/180049 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.synology.com/support/security/Synology_SA_18_01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | atom_c | c2308 | |
| intel | atom_c | c2316 | |
| intel | atom_c | c2338 | |
| intel | atom_c | c2350 | |
| intel | atom_c | c2358 | |
| intel | atom_c | c2508 | |
| intel | atom_c | c2516 | |
| intel | atom_c | c2518 | |
| intel | atom_c | c2530 | |
| intel | atom_c | c2538 | |
| intel | atom_c | c2550 | |
| intel | atom_c | c2558 | |
| intel | atom_c | c2718 | |
| intel | atom_c | c2730 | |
| intel | atom_c | c2738 | |
| intel | atom_c | c2750 | |
| intel | atom_c | c2758 | |
| intel | atom_c | c3308 | |
| intel | atom_c | c3338 | |
| intel | atom_c | c3508 | |
| intel | atom_c | c3538 | |
| intel | atom_c | c3558 | |
| intel | atom_c | c3708 | |
| intel | atom_c | c3750 | |
| intel | atom_c | c3758 | |
| intel | atom_c | c3808 | |
| intel | atom_c | c3830 | |
| intel | atom_c | c3850 | |
| intel | atom_c | c3858 | |
| intel | atom_c | c3950 | |
| intel | atom_c | c3955 | |
| intel | atom_c | c3958 | |
| intel | atom_e | e3805 | |
| intel | atom_e | e3815 | |
| intel | atom_e | e3825 | |
| intel | atom_e | e3826 | |
| intel | atom_e | e3827 | |
| intel | atom_e | e3845 | |
| intel | atom_x3 | c3130 | |
| intel | atom_x3 | c3200rk | |
| intel | atom_x3 | c3205rk | |
| intel | atom_x3 | c3230rk | |
| intel | atom_x3 | c3235rk | |
| intel | atom_x3 | c3265rk | |
| intel | atom_x3 | c3295rk | |
| intel | atom_x3 | c3405 | |
| intel | atom_x3 | c3445 | |
| intel | atom_x5-e3930 | - | |
| intel | atom_x5-e3940 | - | |
| intel | atom_x7-e3950 | - | |
| intel | atom_z | z2420 | |
| intel | atom_z | z2460 | |
| intel | atom_z | z2480 | |
| intel | atom_z | z2520 | |
| intel | atom_z | z2560 | |
| intel | atom_z | z2580 | |
| intel | atom_z | z2760 | |
| intel | atom_z | z3460 | |
| intel | atom_z | z3480 | |
| intel | atom_z | z3530 | |
| intel | atom_z | z3560 | |
| intel | atom_z | z3570 | |
| intel | atom_z | z3580 | |
| intel | atom_z | z3590 | |
| intel | atom_z | z3735d | |
| intel | atom_z | z3735e | |
| intel | atom_z | z3735f | |
| intel | atom_z | z3735g | |
| intel | atom_z | z3736f | |
| intel | atom_z | z3736g | |
| intel | atom_z | z3740 | |
| intel | atom_z | z3740d | |
| intel | atom_z | z3745 | |
| intel | atom_z | z3745d | |
| intel | atom_z | z3770 | |
| intel | atom_z | z3770d | |
| intel | atom_z | z3775 | |
| intel | atom_z | z3775d | |
| intel | atom_z | z3785 | |
| intel | atom_z | z3795 | |
| intel | celeron_j | j1750 | |
| intel | celeron_j | j1800 | |
| intel | celeron_j | j1850 | |
| intel | celeron_j | j1900 | |
| intel | celeron_j | j3060 | |
| intel | celeron_j | j3160 | |
| intel | celeron_j | j3355 | |
| intel | celeron_j | j3455 | |
| intel | celeron_j | j4005 | |
| intel | celeron_j | j4105 | |
| intel | celeron_n | n2805 | |
| intel | celeron_n | n2806 | |
| intel | celeron_n | n2807 | |
| intel | celeron_n | n2808 | |
| intel | celeron_n | n2810 | |
| intel | celeron_n | n2815 | |
| intel | celeron_n | n2820 | |
| intel | celeron_n | n2830 | |
| intel | celeron_n | n2840 | |
| intel | celeron_n | n2910 | |
| intel | celeron_n | n2920 | |
| intel | celeron_n | n2930 | |
| intel | celeron_n | n2940 | |
| intel | celeron_n | n3000 | |
| intel | celeron_n | n3010 | |
| intel | celeron_n | n3050 | |
| intel | celeron_n | n3060 | |
| intel | celeron_n | n3150 | |
| intel | celeron_n | n3160 | |
| intel | celeron_n | n3350 | |
| intel | celeron_n | n3450 | |
| intel | celeron_n | n4000 | |
| intel | celeron_n | n4100 | |
| intel | core_i3 | 330e | |
| intel | core_i3 | 330m | |
| intel | core_i3 | 330um | |
| intel | core_i3 | 350m | |
| intel | core_i3 | 370m | |
| intel | core_i3 | 380m | |
| intel | core_i3 | 380um | |
| intel | core_i3 | 390m | |
| intel | core_i3 | 530 | |
| intel | core_i3 | 540 | |
| intel | core_i3 | 550 | |
| intel | core_i3 | 560 | |
| intel | core_i3 | 2100 | |
| intel | core_i3 | 2100t | |
| intel | core_i3 | 2102 | |
| intel | core_i3 | 2105 | |
| intel | core_i3 | 2115c | |
| intel | core_i3 | 2120 | |
| intel | core_i3 | 2120t | |
| intel | core_i3 | 2125 | |
| intel | core_i3 | 2130 | |
| intel | core_i3 | 2310e | |
| intel | core_i3 | 2310m | |
| intel | core_i3 | 2312m | |
| intel | core_i3 | 2328m | |
| intel | core_i3 | 2330e | |
| intel | core_i3 | 2330m | |
| intel | core_i3 | 2340ue | |
| intel | core_i3 | 2348m | |
| intel | core_i3 | 2350m | |
| intel | core_i3 | 2357m | |
| intel | core_i3 | 2365m | |
| intel | core_i3 | 2367m | |
| intel | core_i3 | 2370m | |
| intel | core_i3 | 2375m | |
| intel | core_i3 | 2377m | |
| intel | core_i3 | 3110m | |
| intel | core_i3 | 3115c | |
| intel | core_i3 | 3120m | |
| intel | core_i3 | 3120me | |
| intel | core_i3 | 3130m | |
| intel | core_i3 | 3210 | |
| intel | core_i3 | 3217u | |
| intel | core_i3 | 3217ue | |
| intel | core_i3 | 3220 | |
| intel | core_i3 | 3220t | |
| intel | core_i3 | 3225 | |
| intel | core_i3 | 3227u | |
| intel | core_i3 | 3229y | |
| intel | core_i3 | 3240 | |
| intel | core_i3 | 3240t | |
| intel | core_i3 | 3245 | |
| intel | core_i3 | 3250 | |
| intel | core_i3 | 3250t | |
| intel | core_i3 | 4000m | |
| intel | core_i3 | 4005u | |
| intel | core_i3 | 4010u | |
| intel | core_i3 | 4010y | |
| intel | core_i3 | 4012y | |
| intel | core_i3 | 4020y | |
| intel | core_i3 | 4025u | |
| intel | core_i3 | 4030u | |
| intel | core_i3 | 4030y | |
| intel | core_i3 | 4100e | |
| intel | core_i3 | 4100m | |
| intel | core_i3 | 4100u | |
| intel | core_i3 | 4102e | |
| intel | core_i3 | 4110e | |
| intel | core_i3 | 4110m | |
| intel | core_i3 | 4112e | |
| intel | core_i3 | 4120u | |
| intel | core_i3 | 4130 | |
| intel | core_i3 | 4130t | |
| intel | core_i3 | 4150 | |
| intel | core_i3 | 4150t | |
| intel | core_i3 | 4158u | |
| intel | core_i3 | 4160 | |
| intel | core_i3 | 4160t | |
| intel | core_i3 | 4170 | |
| intel | core_i3 | 4170t | |
| intel | core_i3 | 4330 | |
| intel | core_i3 | 4330t | |
| intel | core_i3 | 4330te | |
| intel | core_i3 | 4340 | |
| intel | core_i3 | 4340te | |
| intel | core_i3 | 4350 | |
| intel | core_i3 | 4350t | |
| intel | core_i3 | 4360 | |
| intel | core_i3 | 4360t | |
| intel | core_i3 | 4370 | |
| intel | core_i3 | 4370t | |
| intel | core_i3 | 5005u | |
| intel | core_i3 | 5010u | |
| intel | core_i3 | 5015u | |
| intel | core_i3 | 5020u | |
| intel | core_i3 | 5157u | |
| intel | core_i3 | 6006u | |
| intel | core_i3 | 6098p | |
| intel | core_i3 | 6100 | |
| intel | core_i3 | 6100e | |
| intel | core_i3 | 6100h | |
| intel | core_i3 | 6100t | |
| intel | core_i3 | 6100te | |
| intel | core_i3 | 6100u | |
| intel | core_i3 | 6102e | |
| intel | core_i3 | 6157u | |
| intel | core_i3 | 6167u | |
| intel | core_i3 | 6300 | |
| intel | core_i3 | 6300t | |
| intel | core_i3 | 6320 | |
| intel | core_i3 | 8100 | |
| intel | core_i3 | 8350k | |
| intel | core_i5 | 430m | |
| intel | core_i5 | 430um | |
| intel | core_i5 | 450m | |
| intel | core_i5 | 460m | |
| intel | core_i5 | 470um | |
| intel | core_i5 | 480m | |
| intel | core_i5 | 520e | |
| intel | core_i5 | 520m | |
| intel | core_i5 | 520um | |
| intel | core_i5 | 540m | |
| intel | core_i5 | 540um | |
| intel | core_i5 | 560m | |
| intel | core_i5 | 560um | |
| intel | core_i5 | 580m | |
| intel | core_i5 | 650 | |
| intel | core_i5 | 655k | |
| intel | core_i5 | 660 | |
| intel | core_i5 | 661 | |
| intel | core_i5 | 670 | |
| intel | core_i5 | 680 | |
| intel | core_i5 | 750 | |
| intel | core_i5 | 750s | |
| intel | core_i5 | 760 | |
| intel | core_i5 | 2300 | |
| intel | core_i5 | 2310 | |
| intel | core_i5 | 2320 | |
| intel | core_i5 | 2380p | |
| intel | core_i5 | 2390t | |
| intel | core_i5 | 2400 | |
| intel | core_i5 | 2400s | |
| intel | core_i5 | 2405s | |
| intel | core_i5 | 2410m | |
| intel | core_i5 | 2430m | |
| intel | core_i5 | 2435m | |
| intel | core_i5 | 2450m | |
| intel | core_i5 | 2450p | |
| intel | core_i5 | 2467m | |
| intel | core_i5 | 2500 | |
| intel | core_i5 | 2500k | |
| intel | core_i5 | 2500s | |
| intel | core_i5 | 2500t | |
| intel | core_i5 | 2510e | |
| intel | core_i5 | 2515e | |
| intel | core_i5 | 2520m | |
| intel | core_i5 | 2537m | |
| intel | core_i5 | 2540m | |
| intel | core_i5 | 2550k | |
| intel | core_i5 | 2557m | |
| intel | core_i5 | 3210m | |
| intel | core_i5 | 3230m | |
| intel | core_i5 | 3317u | |
| intel | core_i5 | 3320m | |
| intel | core_i5 | 3330 | |
| intel | core_i5 | 3330s | |
| intel | core_i5 | 3337u | |
| intel | core_i5 | 3339y | |
| intel | core_i5 | 3340 | |
| intel | core_i5 | 3340m | |
| intel | core_i5 | 3340s | |
| intel | core_i5 | 3350p | |
| intel | core_i5 | 3360m | |
| intel | core_i5 | 3380m | |
| intel | core_i5 | 3427u | |
| intel | core_i5 | 3437u | |
| intel | core_i5 | 3439y | |
| intel | core_i5 | 3450 | |
| intel | core_i5 | 3450s | |
| intel | core_i5 | 3470 | |
| intel | core_i5 | 3470s | |
| intel | core_i5 | 3470t | |
| intel | core_i5 | 3475s | |
| intel | core_i5 | 3550 | |
| intel | core_i5 | 3550s | |
| intel | core_i5 | 3570 | |
| intel | core_i5 | 3570k | |
| intel | core_i5 | 3570s | |
| intel | core_i5 | 3570t | |
| intel | core_i5 | 3610me | |
| intel | core_i5 | 4200h | |
| intel | core_i5 | 4200m | |
| intel | core_i5 | 4200u | |
| intel | core_i5 | 4200y | |
| intel | core_i5 | 4202y | |
| intel | core_i5 | 4210h | |
| intel | core_i5 | 4210m | |
| intel | core_i5 | 4210u | |
| intel | core_i5 | 4210y | |
| intel | core_i5 | 4220y | |
| intel | core_i5 | 4250u | |
| intel | core_i5 | 4258u | |
| intel | core_i5 | 4260u | |
| intel | core_i5 | 4278u | |
| intel | core_i5 | 4288u | |
| intel | core_i5 | 4300m | |
| intel | core_i5 | 4300u | |
| intel | core_i5 | 4300y | |
| intel | core_i5 | 4302y | |
| intel | core_i5 | 4308u | |
| intel | core_i5 | 4310m | |
| intel | core_i5 | 4310u | |
| intel | core_i5 | 4330m | |
| intel | core_i5 | 4340m | |
| intel | core_i5 | 4350u | |
| intel | core_i5 | 4360u | |
| intel | core_i5 | 4400e | |
| intel | core_i5 | 4402e | |
| intel | core_i5 | 4402ec | |
| intel | core_i5 | 4410e | |
| intel | core_i5 | 4422e | |
| intel | core_i5 | 4430 | |
| intel | core_i5 | 4430s | |
| intel | core_i5 | 4440 | |
| intel | core_i5 | 4440s | |
| intel | core_i5 | 4460 | |
| intel | core_i5 | 4460s | |
| intel | core_i5 | 4460t | |
| intel | core_i5 | 4570 | |
| intel | core_i5 | 4570r | |
| intel | core_i5 | 4570s | |
| intel | core_i5 | 4570t | |
| intel | core_i5 | 4570te | |
| intel | core_i5 | 4590 | |
| intel | core_i5 | 4590s | |
| intel | core_i5 | 4590t | |
| intel | core_i5 | 4670 | |
| intel | core_i5 | 4670k | |
| intel | core_i5 | 4670r | |
| intel | core_i5 | 4670s | |
| intel | core_i5 | 4670t | |
| intel | core_i5 | 4690 | |
| intel | core_i5 | 4690k | |
| intel | core_i5 | 4690s | |
| intel | core_i5 | 4690t | |
| intel | core_i5 | 5200u | |
| intel | core_i5 | 5250u | |
| intel | core_i5 | 5257u | |
| intel | core_i5 | 5287u | |
| intel | core_i5 | 5300u | |
| intel | core_i5 | 5350h | |
| intel | core_i5 | 5350u | |
| intel | core_i5 | 5575r | |
| intel | core_i5 | 5675c | |
| intel | core_i5 | 5675r | |
| intel | core_i5 | 6200u | |
| intel | core_i5 | 6260u | |
| intel | core_i5 | 6267u | |
| intel | core_i5 | 6287u | |
| intel | core_i5 | 6300hq | |
| intel | core_i5 | 6300u | |
| intel | core_i5 | 6350hq | |
| intel | core_i5 | 6360u | |
| intel | core_i5 | 6400 | |
| intel | core_i5 | 6400t | |
| intel | core_i5 | 6402p | |
| intel | core_i5 | 6440eq | |
| intel | core_i5 | 6440hq | |
| intel | core_i5 | 6442eq | |
| intel | core_i5 | 6500 | |
| intel | core_i5 | 6500t | |
| intel | core_i5 | 6500te | |
| intel | core_i5 | 6585r | |
| intel | core_i5 | 6600 | |
| intel | core_i5 | 6600k | |
| intel | core_i5 | 6600t | |
| intel | core_i5 | 6685r | |
| intel | core_i5 | 8250u | |
| intel | core_i5 | 8350u | |
| intel | core_i5 | 8400 | |
| intel | core_i5 | 8600k | |
| intel | core_i7 | 7y75 | |
| intel | core_i7 | 610e | |
| intel | core_i7 | 620le | |
| intel | core_i7 | 620lm | |
| intel | core_i7 | 620m | |
| intel | core_i7 | 620ue | |
| intel | core_i7 | 620um | |
| intel | core_i7 | 640lm | |
| intel | core_i7 | 640m | |
| intel | core_i7 | 640um | |
| intel | core_i7 | 660lm | |
| intel | core_i7 | 660ue | |
| intel | core_i7 | 660um | |
| intel | core_i7 | 680um | |
| intel | core_i7 | 720qm | |
| intel | core_i7 | 740qm | |
| intel | core_i7 | 820qm | |
| intel | core_i7 | 840qm | |
| intel | core_i7 | 860 | |
| intel | core_i7 | 860s | |
| intel | core_i7 | 870 | |
| intel | core_i7 | 870s | |
| intel | core_i7 | 875k | |
| intel | core_i7 | 880 | |
| intel | core_i7 | 920 | |
| intel | core_i7 | 920xm | |
| intel | core_i7 | 930 | |
| intel | core_i7 | 940 | |
| intel | core_i7 | 940xm | |
| intel | core_i7 | 950 | |
| intel | core_i7 | 960 | |
| intel | core_i7 | 965 | |
| intel | core_i7 | 970 | |
| intel | core_i7 | 975 | |
| intel | core_i7 | 980 | |
| intel | core_i7 | 980x | |
| intel | core_i7 | 990x | |
| intel | core_i7 | 2600 | |
| intel | core_i7 | 2600k | |
| intel | core_i7 | 2600s | |
| intel | core_i7 | 2610ue | |
| intel | core_i7 | 2617m | |
| intel | core_i7 | 2620m | |
| intel | core_i7 | 2629m | |
| intel | core_i7 | 2630qm | |
| intel | core_i7 | 2635qm | |
| intel | core_i7 | 2637m | |
| intel | core_i7 | 2640m | |
| intel | core_i7 | 2649m | |
| intel | core_i7 | 2655le | |
| intel | core_i7 | 2657m | |
| intel | core_i7 | 2670qm | |
| intel | core_i7 | 2675qm | |
| intel | core_i7 | 2677m | |
| intel | core_i7 | 2700k | |
| intel | core_i7 | 2710qe | |
| intel | core_i7 | 2715qe | |
| intel | core_i7 | 2720qm | |
| intel | core_i7 | 2760qm | |
| intel | core_i7 | 2820qm | |
| intel | core_i7 | 2860qm | |
| intel | core_i7 | 2920xm | |
| intel | core_i7 | 2960xm | |
| intel | core_i7 | 3517u | |
| intel | core_i7 | 3517ue | |
| intel | core_i7 | 3520m | |
| intel | core_i7 | 3537u | |
| intel | core_i7 | 3540m | |
| intel | core_i7 | 3555le | |
| intel | core_i7 | 3610qe | |
| intel | core_i7 | 3610qm | |
| intel | core_i7 | 3612qe | |
| intel | core_i7 | 3612qm | |
| intel | core_i7 | 3615qe | |
| intel | core_i7 | 3615qm | |
| intel | core_i7 | 3630qm | |
| intel | core_i7 | 3632qm | |
| intel | core_i7 | 3635qm | |
| intel | core_i7 | 3667u | |
| intel | core_i7 | 3687u | |
| intel | core_i7 | 3689y | |
| intel | core_i7 | 3720qm | |
| intel | core_i7 | 3740qm | |
| intel | core_i7 | 3770 | |
| intel | core_i7 | 3770k | |
| intel | core_i7 | 3770s | |
| intel | core_i7 | 3770t | |
| intel | core_i7 | 3820qm | |
| intel | core_i7 | 3840qm | |
| intel | core_i7 | 4500u | |
| intel | core_i7 | 4510u | |
| intel | core_i7 | 4550u | |
| intel | core_i7 | 4558u | |
| intel | core_i7 | 4578u | |
| intel | core_i7 | 4600m | |
| intel | core_i7 | 4600u | |
| intel | core_i7 | 4610m | |
| intel | core_i7 | 4610y | |
| intel | core_i7 | 4650u | |
| intel | core_i7 | 4700ec | |
| intel | core_i7 | 4700eq | |
| intel | core_i7 | 4700hq | |
| intel | core_i7 | 4700mq | |
| intel | core_i7 | 4702ec | |
| intel | core_i7 | 4702hq | |
| intel | core_i7 | 4702mq | |
| intel | core_i7 | 4710hq | |
| intel | core_i7 | 4710mq | |
| intel | core_i7 | 4712hq | |
| intel | core_i7 | 4712mq | |
| intel | core_i7 | 4720hq | |
| intel | core_i7 | 4722hq | |
| intel | core_i7 | 4750hq | |
| intel | core_i7 | 4760hq | |
| intel | core_i7 | 4765t | |
| intel | core_i7 | 4770 | |
| intel | core_i7 | 4770hq | |
| intel | core_i7 | 4770k | |
| intel | core_i7 | 4770r | |
| intel | core_i7 | 4770s | |
| intel | core_i7 | 4770t | |
| intel | core_i7 | 4770te | |
| intel | core_i7 | 4771 | |
| intel | core_i7 | 4785t | |
| intel | core_i7 | 4790 | |
| intel | core_i7 | 4790k | |
| intel | core_i7 | 4790s | |
| intel | core_i7 | 4790t | |
| intel | core_i7 | 4800mq | |
| intel | core_i7 | 4810mq | |
| intel | core_i7 | 4850hq | |
| intel | core_i7 | 4860hq | |
| intel | core_i7 | 4870hq | |
| intel | core_i7 | 4900mq | |
| intel | core_i7 | 4910mq | |
| intel | core_i7 | 4950hq | |
| intel | core_i7 | 4960hq | |
| intel | core_i7 | 4980hq | |
| intel | core_i7 | 5500u | |
| intel | core_i7 | 5550u | |
| intel | core_i7 | 5557u | |
| intel | core_i7 | 5600u | |
| intel | core_i7 | 5650u | |
| intel | core_i7 | 5700eq | |
| intel | core_i7 | 5700hq | |
| intel | core_i7 | 5750hq | |
| intel | core_i7 | 5775c | |
| intel | core_i7 | 5775r | |
| intel | core_i7 | 5850eq | |
| intel | core_i7 | 5850hq | |
| intel | core_i7 | 5950hq | |
| intel | core_i7 | 7500u | |
| intel | core_i7 | 7560u | |
| intel | core_i7 | 7567u | |
| intel | core_i7 | 7600u | |
| intel | core_i7 | 7660u | |
| intel | core_i7 | 7700 | |
| intel | core_i7 | 7700hq | |
| intel | core_i7 | 7700k | |
| intel | core_i7 | 7700t | |
| intel | core_i7 | 7820eq | |
| intel | core_i7 | 7820hk | |
| intel | core_i7 | 7820hq | |
| intel | core_i7 | 7920hq | |
| intel | core_i7 | 8550u | |
| intel | core_i7 | 8650u | |
| intel | core_i7 | 8700 | |
| intel | core_i7 | 8700k | |
| intel | core_m | 5y10 | |
| intel | core_m | 5y10a | |
| intel | core_m | 5y10c | |
| intel | core_m | 5y31 | |
| intel | core_m | 5y51 | |
| intel | core_m | 5y70 | |
| intel | core_m | 5y71 | |
| intel | core_m3 | 6y30 | |
| intel | core_m3 | 7y30 | |
| intel | core_m3 | 7y32 | |
| intel | core_m5 | 6y54 | |
| intel | core_m5 | 6y57 | |
| intel | core_m7 | 6y75 | |
| intel | pentium_j | j2850 | |
| intel | pentium_j | j2900 | |
| intel | pentium_j | j3710 | |
| intel | pentium_j | j4205 | |
| intel | pentium_n | n3510 | |
| intel | pentium_n | n3520 | |
| intel | pentium_n | n3530 | |
| intel | pentium_n | n3540 | |
| intel | pentium_n | n3700 | |
| intel | pentium_n | n3710 | |
| intel | pentium_n | n4200 | |
| intel | xeon | e5502 | |
| intel | xeon | e5503 | |
| intel | xeon | e5504 | |
| intel | xeon | e5506 | |
| intel | xeon | e5507 | |
| intel | xeon | e5520 | |
| intel | xeon | e5530 | |
| intel | xeon | e5540 | |
| intel | xeon | e5603 | |
| intel | xeon | e5606 | |
| intel | xeon | e5607 | |
| intel | xeon | e5620 | |
| intel | xeon | e5630 | |
| intel | xeon | e5640 | |
| intel | xeon | e5645 | |
| intel | xeon | e5649 | |
| intel | xeon | e6510 | |
| intel | xeon | e6540 | |
| intel | xeon | e7520 | |
| intel | xeon | e7530 | |
| intel | xeon | e7540 | |
| intel | xeon | ec5509 | |
| intel | xeon | ec5539 | |
| intel | xeon | ec5549 | |
| intel | xeon | l3406 | |
| intel | xeon | l3426 | |
| intel | xeon | l5506 | |
| intel | xeon | l5508 | |
| intel | xeon | l5518 | |
| intel | xeon | l5520 | |
| intel | xeon | l5530 | |
| intel | xeon | l5609 | |
| intel | xeon | l5618 | |
| intel | xeon | l5630 | |
| intel | xeon | l5638 | |
| intel | xeon | l5640 | |
| intel | xeon | l7545 | |
| intel | xeon | l7555 | |
| intel | xeon | lc5518 | |
| intel | xeon | lc5528 | |
| intel | xeon | w3670 | |
| intel | xeon | w3680 | |
| intel | xeon | w3690 | |
| intel | xeon | w5580 | |
| intel | xeon | w5590 | |
| intel | xeon | x3430 | |
| intel | xeon | x3440 | |
| intel | xeon | x3450 | |
| intel | xeon | x3460 | |
| intel | xeon | x3470 | |
| intel | xeon | x3480 | |
| intel | xeon | x5550 | |
| intel | xeon | x5560 | |
| intel | xeon | x5570 | |
| intel | xeon | x5647 | |
| intel | xeon | x5650 | |
| intel | xeon | x5660 | |
| intel | xeon | x5667 | |
| intel | xeon | x5670 | |
| intel | xeon | x5672 | |
| intel | xeon | x5675 | |
| intel | xeon | x5677 | |
| intel | xeon | x5680 | |
| intel | xeon | x5687 | |
| intel | xeon | x5690 | |
| intel | xeon | x6550 | |
| intel | xeon | x7542 | |
| intel | xeon | x7550 | |
| intel | xeon | x7560 | |
| intel | xeon_bronze_3104 | - | |
| intel | xeon_bronze_3106 | - | |
| intel | xeon_e-1105c | - | |
| intel | xeon_e3 | 1505m_v6 | |
| intel | xeon_e3 | 1515m_v5 | |
| intel | xeon_e3 | 1535m_v5 | |
| intel | xeon_e3 | 1535m_v6 | |
| intel | xeon_e3 | 1545m_v5 | |
| intel | xeon_e3 | 1558l_v5 | |
| intel | xeon_e3 | 1565l_v5 | |
| intel | xeon_e3 | 1575m_v5 | |
| intel | xeon_e3 | 1578l_v5 | |
| intel | xeon_e3 | 1585_v5 | |
| intel | xeon_e3 | 1585l_v5 | |
| intel | xeon_e3_1105c_v2 | - | |
| intel | xeon_e3_1125c | - | |
| intel | xeon_e3_1125c_v2 | - | |
| intel | xeon_e3_1220 | - | |
| intel | xeon_e3_1220_v2 | - | |
| intel | xeon_e3_1220_v3 | - | |
| intel | xeon_e3_1220_v5 | - | |
| intel | xeon_e3_1220_v6 | - | |
| intel | xeon_e3_12201 | - | |
| intel | xeon_e3_12201_v2 | - | |
| intel | xeon_e3_1220l_v3 | - | |
| intel | xeon_e3_1225 | - | |
| intel | xeon_e3_1225_v2 | - | |
| intel | xeon_e3_1225_v3 | - | |
| intel | xeon_e3_1225_v5 | - | |
| intel | xeon_e3_1225_v6 | - | |
| intel | xeon_e3_1226_v3 | - | |
| intel | xeon_e3_1230 | - | |
| intel | xeon_e3_1230_v2 | - | |
| intel | xeon_e3_1230_v3 | - | |
| intel | xeon_e3_1230_v5 | - | |
| intel | xeon_e3_1230_v6 | - | |
| intel | xeon_e3_1230l_v3 | - | |
| intel | xeon_e3_1231_v3 | - | |
| intel | xeon_e3_1235 | - | |
| intel | xeon_e3_1235l_v5 | - | |
| intel | xeon_e3_1240 | - | |
| intel | xeon_e3_1240_v2 | - | |
| intel | xeon_e3_1240_v3 | - | |
| intel | xeon_e3_1240_v5 | - | |
| intel | xeon_e3_1240_v6 | - | |
| intel | xeon_e3_1240l_v3 | - | |
| intel | xeon_e3_1240l_v5 | - | |
| intel | xeon_e3_1241_v3 | - | |
| intel | xeon_e3_1245 | - | |
| intel | xeon_e3_1245_v2 | - | |
| intel | xeon_e3_1245_v3 | - | |
| intel | xeon_e3_1245_v5 | - | |
| intel | xeon_e3_1245_v6 | - | |
| intel | xeon_e3_1246_v3 | - | |
| intel | xeon_e3_1258l_v4 | - | |
| intel | xeon_e3_1260l | - | |
| intel | xeon_e3_1260l_v5 | - | |
| intel | xeon_e3_1265l_v2 | - | |
| intel | xeon_e3_1265l_v3 | - | |
| intel | xeon_e3_1265l_v4 | - | |
| intel | xeon_e3_1268l_v3 | - | |
| intel | xeon_e3_1268l_v5 | - | |
| intel | xeon_e3_1270 | - | |
| intel | xeon_e3_1270_v2 | - | |
| intel | xeon_e3_1270_v3 | - | |
| intel | xeon_e3_1270_v5 | - | |
| intel | xeon_e3_1270_v6 | - | |
| intel | xeon_e3_1271_v3 | - | |
| intel | xeon_e3_1275 | - | |
| intel | xeon_e3_1275_v2 | - | |
| intel | xeon_e3_1275_v3 | - | |
| intel | xeon_e3_1275_v5 | - | |
| intel | xeon_e3_1275_v6 | - | |
| intel | xeon_e3_1275l_v3 | - | |
| intel | xeon_e3_1276_v3 | - | |
| intel | xeon_e3_1278l_v4 | - | |
| intel | xeon_e3_1280 | - | |
| intel | xeon_e3_1280_v2 | - | |
| intel | xeon_e3_1280_v3 | - | |
| intel | xeon_e3_1280_v5 | - | |
| intel | xeon_e3_1280_v6 | - | |
| intel | xeon_e3_1281_v3 | - | |
| intel | xeon_e3_1285_v3 | - | |
| intel | xeon_e3_1285_v4 | - | |
| intel | xeon_e3_1285_v6 | - | |
| intel | xeon_e3_1285l_v3 | - | |
| intel | xeon_e3_1285l_v4 | - | |
| intel | xeon_e3_1286_v3 | - | |
| intel | xeon_e3_1286l_v3 | - | |
| intel | xeon_e3_1290 | - | |
| intel | xeon_e3_1290_v2 | - | |
| intel | xeon_e3_1501l_v6 | - | |
| intel | xeon_e3_1501m_v6 | - | |
| intel | xeon_e3_1505l_v5 | - | |
| intel | xeon_e3_1505l_v6 | - | |
| intel | xeon_e3_1505m_v5 | - | |
| intel | xeon_e5 | 2650l_v4 | |
| intel | xeon_e5 | 2658 | |
| intel | xeon_e5 | 2658_v2 | |
| intel | xeon_e5 | 2658_v3 | |
| intel | xeon_e5 | 2658_v4 | |
| intel | xeon_e5 | 2658a_v3 | |
| intel | xeon_e5 | 2660 | |
| intel | xeon_e5 | 2660_v2 | |
| intel | xeon_e5 | 2660_v3 | |
| intel | xeon_e5 | 2660_v4 | |
| intel | xeon_e5 | 2665 | |
| intel | xeon_e5 | 2667 | |
| intel | xeon_e5 | 2667_v2 | |
| intel | xeon_e5 | 2667_v3 | |
| intel | xeon_e5 | 2667_v4 | |
| intel | xeon_e5 | 2670 | |
| intel | xeon_e5 | 2670_v2 | |
| intel | xeon_e5 | 2670_v3 | |
| intel | xeon_e5 | 2680 | |
| intel | xeon_e5 | 2680_v2 | |
| intel | xeon_e5 | 2680_v3 | |
| intel | xeon_e5 | 2680_v4 | |
| intel | xeon_e5 | 2683_v3 | |
| intel | xeon_e5 | 2683_v4 | |
| intel | xeon_e5 | 2687w | |
| intel | xeon_e5 | 2687w_v2 | |
| intel | xeon_e5 | 2687w_v3 | |
| intel | xeon_e5 | 2687w_v4 | |
| intel | xeon_e5 | 2690 | |
| intel | xeon_e5 | 2690_v2 | |
| intel | xeon_e5 | 2690_v3 | |
| intel | xeon_e5 | 2690_v4 | |
| intel | xeon_e5 | 2695_v2 | |
| intel | xeon_e5 | 2695_v3 | |
| intel | xeon_e5 | 2695_v4 | |
| intel | xeon_e5 | 2697_v2 | |
| intel | xeon_e5 | 2697_v3 | |
| intel | xeon_e5 | 2697_v4 | |
| intel | xeon_e5 | 2697a_v4 | |
| intel | xeon_e5 | 2698_v3 | |
| intel | xeon_e5 | 2698_v4 | |
| intel | xeon_e5 | 2699_v3 | |
| intel | xeon_e5 | 2699_v4 | |
| intel | xeon_e5 | 2699a_v4 | |
| intel | xeon_e5 | 2699r_v4 | |
| intel | xeon_e5 | 4603 | |
| intel | xeon_e5 | 4603_v2 | |
| intel | xeon_e5 | 4607 | |
| intel | xeon_e5 | 4607_v2 | |
| intel | xeon_e5 | 4610 | |
| intel | xeon_e5 | 4610_v2 | |
| intel | xeon_e5 | 4610_v3 | |
| intel | xeon_e5 | 4610_v4 | |
| intel | xeon_e5 | 4617 | |
| intel | xeon_e5 | 4620 | |
| intel | xeon_e5 | 4620_v2 | |
| intel | xeon_e5 | 4620_v3 | |
| intel | xeon_e5 | 4620_v4 | |
| intel | xeon_e5 | 4624l_v2 | |
| intel | xeon_e5 | 4627_v2 | |
| intel | xeon_e5 | 4627_v3 | |
| intel | xeon_e5 | 4627_v4 | |
| intel | xeon_e5 | 4628l_v4 | |
| intel | xeon_e5 | 4640 | |
| intel | xeon_e5 | 4640_v2 | |
| intel | xeon_e5 | 4640_v3 | |
| intel | xeon_e5 | 4640_v4 | |
| intel | xeon_e5 | 4648_v3 | |
| intel | xeon_e5 | 4650 | |
| intel | xeon_e5 | 4650_v2 | |
| intel | xeon_e5 | 4650_v3 | |
| intel | xeon_e5 | 4650_v4 | |
| intel | xeon_e5 | 4650l | |
| intel | xeon_e5 | 4655_v3 | |
| intel | xeon_e5 | 4655_v4 | |
| intel | xeon_e5 | 4657l_v2 | |
| intel | xeon_e5 | 4660_v3 | |
| intel | xeon_e5 | 4660_v4 | |
| intel | xeon_e5 | 4667_v3 | |
| intel | xeon_e5 | 4667_v4 | |
| intel | xeon_e5 | 4669_v3 | |
| intel | xeon_e5 | 4669_v4 | |
| intel | xeon_e5_1428l | - | |
| intel | xeon_e5_1428l_v2 | - | |
| intel | xeon_e5_1428l_v3 | - | |
| intel | xeon_e5_1620 | - | |
| intel | xeon_e5_1620_v2 | - | |
| intel | xeon_e5_1620_v3 | - | |
| intel | xeon_e5_1620_v4 | - | |
| intel | xeon_e5_1630_v3 | - | |
| intel | xeon_e5_1630_v4 | - | |
| intel | xeon_e5_1650 | - | |
| intel | xeon_e5_1650_v2 | - | |
| intel | xeon_e5_1650_v3 | - | |
| intel | xeon_e5_1650_v4 | - | |
| intel | xeon_e5_1660 | - | |
| intel | xeon_e5_1660_v2 | - | |
| intel | xeon_e5_1660_v3 | - | |
| intel | xeon_e5_1660_v4 | - | |
| intel | xeon_e5_1680_v3 | - | |
| intel | xeon_e5_1680_v4 | - | |
| intel | xeon_e5_2403 | - | |
| intel | xeon_e5_2403_v2 | - | |
| intel | xeon_e5_2407 | - | |
| intel | xeon_e5_2407_v2 | - | |
| intel | xeon_e5_2408l_v3 | - | |
| intel | xeon_e5_2418l | - | |
| intel | xeon_e5_2418l_v2 | - | |
| intel | xeon_e5_2418l_v3 | - | |
| intel | xeon_e5_2420 | - | |
| intel | xeon_e5_2420_v2 | - | |
| intel | xeon_e5_2428l | - | |
| intel | xeon_e5_2428l_v2 | - | |
| intel | xeon_e5_2428l_v3 | - | |
| intel | xeon_e5_2430 | - | |
| intel | xeon_e5_2430_v2 | - | |
| intel | xeon_e5_2430l | - | |
| intel | xeon_e5_2430l_v2 | - | |
| intel | xeon_e5_2438l_v3 | - | |
| intel | xeon_e5_2440 | - | |
| intel | xeon_e5_2440_v2 | - | |
| intel | xeon_e5_2448l | - | |
| intel | xeon_e5_2448l_v2 | - | |
| intel | xeon_e5_2450 | - | |
| intel | xeon_e5_2450_v2 | - | |
| intel | xeon_e5_2450l | - | |
| intel | xeon_e5_2450l_v2 | - | |
| intel | xeon_e5_2470 | - | |
| intel | xeon_e5_2470_v2 | - | |
| intel | xeon_e5_2603 | - | |
| intel | xeon_e5_2603_v2 | - | |
| intel | xeon_e5_2603_v3 | - | |
| intel | xeon_e5_2603_v4 | - | |
| intel | xeon_e5_2608l_v3 | - | |
| intel | xeon_e5_2608l_v4 | - | |
| intel | xeon_e5_2609 | - | |
| intel | xeon_e5_2609_v2 | - | |
| intel | xeon_e5_2609_v3 | - | |
| intel | xeon_e5_2609_v4 | - | |
| intel | xeon_e5_2618l_v2 | - | |
| intel | xeon_e5_2618l_v3 | - | |
| intel | xeon_e5_2618l_v4 | - | |
| intel | xeon_e5_2620 | - | |
| intel | xeon_e5_2620_v2 | - | |
| intel | xeon_e5_2620_v3 | - | |
| intel | xeon_e5_2620_v4 | - | |
| intel | xeon_e5_2623_v3 | - | |
| intel | xeon_e5_2623_v4 | - | |
| intel | xeon_e5_2628l_v2 | - | |
| intel | xeon_e5_2628l_v3 | - | |
| intel | xeon_e5_2628l_v4 | - | |
| intel | xeon_e5_2630 | - | |
| intel | xeon_e5_2630_v2 | - | |
| intel | xeon_e5_2630_v3 | - | |
| intel | xeon_e5_2630_v4 | - | |
| intel | xeon_e5_2630l | - | |
| intel | xeon_e5_2630l_v2 | - | |
| intel | xeon_e5_2630l_v3 | - | |
| intel | xeon_e5_2630l_v4 | - | |
| intel | xeon_e5_2637 | - | |
| intel | xeon_e5_2637_v2 | - | |
| intel | xeon_e5_2637_v3 | - | |
| intel | xeon_e5_2637_v4 | - | |
| intel | xeon_e5_2640 | - | |
| intel | xeon_e5_2640_v2 | - | |
| intel | xeon_e5_2640_v3 | - | |
| intel | xeon_e5_2640_v4 | - | |
| intel | xeon_e5_2643 | - | |
| intel | xeon_e5_2643_v2 | - | |
| intel | xeon_e5_2643_v3 | - | |
| intel | xeon_e5_2643_v4 | - | |
| intel | xeon_e5_2648l | - | |
| intel | xeon_e5_2648l_v2 | - | |
| intel | xeon_e5_2648l_v3 | - | |
| intel | xeon_e5_2648l_v4 | - | |
| intel | xeon_e5_2650 | - | |
| intel | xeon_e5_2650_v2 | - | |
| intel | xeon_e5_2650_v3 | - | |
| intel | xeon_e5_2650_v4 | - | |
| intel | xeon_e5_2650l | - | |
| intel | xeon_e5_2650l_v2 | - | |
| intel | xeon_e5_2650l_v3 | - | |
| intel | xeon_e7 | 2803 | |
| intel | xeon_e7 | 2820 | |
| intel | xeon_e7 | 2830 | |
| intel | xeon_e7 | 2850 | |
| intel | xeon_e7 | 2850_v2 | |
| intel | xeon_e7 | 2860 | |
| intel | xeon_e7 | 2870 | |
| intel | xeon_e7 | 2870_v2 | |
| intel | xeon_e7 | 2880_v2 | |
| intel | xeon_e7 | 2890_v2 | |
| intel | xeon_e7 | 4807 | |
| intel | xeon_e7 | 4809_v2 | |
| intel | xeon_e7 | 4809_v3 | |
| intel | xeon_e7 | 4809_v4 | |
| intel | xeon_e7 | 4820 | |
| intel | xeon_e7 | 4820_v2 | |
| intel | xeon_e7 | 4820_v3 | |
| intel | xeon_e7 | 4820_v4 | |
| intel | xeon_e7 | 4830 | |
| intel | xeon_e7 | 4830_v2 | |
| intel | xeon_e7 | 4830_v3 | |
| intel | xeon_e7 | 4830_v4 | |
| intel | xeon_e7 | 4850 | |
| intel | xeon_e7 | 4850_v2 | |
| intel | xeon_e7 | 4850_v3 | |
| intel | xeon_e7 | 4850_v4 | |
| intel | xeon_e7 | 4860 | |
| intel | xeon_e7 | 4860_v2 | |
| intel | xeon_e7 | 4870 | |
| intel | xeon_e7 | 4870_v2 | |
| intel | xeon_e7 | 4880_v2 | |
| intel | xeon_e7 | 4890_v2 | |
| intel | xeon_e7 | 8830 | |
| intel | xeon_e7 | 8837 | |
| intel | xeon_e7 | 8850 | |
| intel | xeon_e7 | 8850_v2 | |
| intel | xeon_e7 | 8857_v2 | |
| intel | xeon_e7 | 8860 | |
| intel | xeon_e7 | 8860_v3 | |
| intel | xeon_e7 | 8860_v4 | |
| intel | xeon_e7 | 8867_v3 | |
| intel | xeon_e7 | 8867_v4 | |
| intel | xeon_e7 | 8867l | |
| intel | xeon_e7 | 8870 | |
| intel | xeon_e7 | 8870_v2 | |
| intel | xeon_e7 | 8870_v3 | |
| intel | xeon_e7 | 8870_v4 | |
| intel | xeon_e7 | 8880_v2 | |
| intel | xeon_e7 | 8880_v3 | |
| intel | xeon_e7 | 8880_v4 | |
| intel | xeon_e7 | 8880l_v2 | |
| intel | xeon_e7 | 8880l_v3 | |
| intel | xeon_e7 | 8890_v2 | |
| intel | xeon_e7 | 8890_v3 | |
| intel | xeon_e7 | 8890_v4 | |
| intel | xeon_e7 | 8891_v2 | |
| intel | xeon_e7 | 8891_v3 | |
| intel | xeon_e7 | 8891_v4 | |
| intel | xeon_e7 | 8893_v2 | |
| intel | xeon_e7 | 8893_v3 | |
| intel | xeon_e7 | 8893_v4 | |
| intel | xeon_e7 | 8894_v4 | |
| intel | xeon_gold | 5115 | |
| intel | xeon_gold | 5118 | |
| intel | xeon_gold | 5119t | |
| intel | xeon_gold | 5120 | |
| intel | xeon_gold | 5120t | |
| intel | xeon_gold | 5122 | |
| intel | xeon_gold | 6126 | |
| intel | xeon_gold | 6126f | |
| intel | xeon_gold | 6126t | |
| intel | xeon_gold | 6128 | |
| intel | xeon_gold | 6130 | |
| intel | xeon_gold | 6130f | |
| intel | xeon_gold | 6130t | |
| intel | xeon_gold | 6132 | |
| intel | xeon_gold | 6134 | |
| intel | xeon_gold | 6134m | |
| intel | xeon_gold | 6136 | |
| intel | xeon_gold | 6138 | |
| intel | xeon_gold | 6138f | |
| intel | xeon_gold | 6138t | |
| intel | xeon_gold | 6140 | |
| intel | xeon_gold | 6140m | |
| intel | xeon_gold | 6142 | |
| intel | xeon_gold | 6142f | |
| intel | xeon_gold | 6142m | |
| intel | xeon_gold | 6144 | |
| intel | xeon_gold | 6146 | |
| intel | xeon_gold | 6148 | |
| intel | xeon_gold | 6148f | |
| intel | xeon_gold | 6150 | |
| intel | xeon_gold | 6152 | |
| intel | xeon_gold | 6154 | |
| intel | xeon_phi | 7210 | |
| intel | xeon_phi | 7210f | |
| intel | xeon_phi | 7230 | |
| intel | xeon_phi | 7230f | |
| intel | xeon_phi | 7235 | |
| intel | xeon_phi | 7250 | |
| intel | xeon_phi | 7250f | |
| intel | xeon_phi | 7285 | |
| intel | xeon_phi | 7290 | |
| intel | xeon_phi | 7290f | |
| intel | xeon_phi | 7295 | |
| intel | xeon_platinum | 8153 | |
| intel | xeon_platinum | 8156 | |
| intel | xeon_platinum | 8158 | |
| intel | xeon_platinum | 8160 | |
| intel | xeon_platinum | 8160f | |
| intel | xeon_platinum | 8160m | |
| intel | xeon_platinum | 8160t | |
| intel | xeon_platinum | 8164 | |
| intel | xeon_platinum | 8168 | |
| intel | xeon_platinum | 8170 | |
| intel | xeon_platinum | 8170m | |
| intel | xeon_platinum | 8176 | |
| intel | xeon_platinum | 8176f | |
| intel | xeon_platinum | 8176m | |
| intel | xeon_platinum | 8180 | |
| intel | xeon_silver | 4108 | |
| intel | xeon_silver | 4109t | |
| intel | xeon_silver | 4110 | |
| intel | xeon_silver | 4112 | |
| intel | xeon_silver | 4114 | |
| intel | xeon_silver | 4114t | |
| intel | xeon_silver | 4116 | |
| intel | xeon_silver | 4116t | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.04 | |
| canonical | ubuntu_linux | 17.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| oracle | local_service_management_system | 13.1 | |
| oracle | local_service_management_system | 13.2 | |
| oracle | local_service_management_system | 13.3 | |
| oracle | solaris | 10 | |
| oracle | solaris | 11.3 | |
| synology | router_manager | * | |
| synology | skynas | - | |
| synology | virtual_machine_manager | * | |
| synology | diskstation_manager | * | |
| synology | vs960hd_firmware | - | |
| synology | vs960hd | - | |
| synology | vs360hd_firmware | - | |
| synology | vs360hd | - | |
| opensuse | leap | 42.2 | |
| opensuse | leap | 42.3 | |
| suse | suse_linux_enterprise_desktop | 12 | |
| suse | suse_linux_enterprise_desktop | 12 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| suse | suse_linux_enterprise_software_development_kit | 11 | |
| suse | suse_linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_software_development_kit | 12 | |
| arm | cortex-r7_firmware | - | |
| arm | cortex-r7 | - | |
| arm | cortex-r8_firmware | - | |
| arm | cortex-r8 | - | |
| arm | cortex-a8_firmware | - | |
| arm | cortex-a8 | - | |
| arm | cortex-a9_firmware | - | |
| arm | cortex-a9 | - | |
| arm | cortex-a12_firmware | - | |
| arm | cortex-a12 | - | |
| arm | cortex-a15_firmware | - | |
| arm | cortex-a15 | - | |
| arm | cortex-a17_firmware | - | |
| arm | cortex-a17 | - | |
| arm | cortex-a57_firmware | - | |
| arm | cortex-a57 | - | |
| arm | cortex-a72_firmware | - | |
| arm | cortex-a72 | - | |
| arm | cortex-a73_firmware | - | |
| arm | cortex-a73 | - | |
| arm | cortex-a75_firmware | - | |
| arm | cortex-a75 | - | |
| arm | cortex-a76_firmware | - | |
| arm | cortex-a76 | - | |
| pepperl-fuchs | visunet_rm_shell | - | |
| pepperl-fuchs | btc12_firmware | - | |
| pepperl-fuchs | btc12 | - | |
| pepperl-fuchs | btc14_firmware | - | |
| pepperl-fuchs | btc14 | - | |
| netapp | hci | - | |
| netapp | solidfire | - | |
| phoenixcontact | bl_ppc_1000_firmware | - | |
| phoenixcontact | bl_ppc_1000 | - | |
| phoenixcontact | bl_ppc12_1000_firmware | - | |
| phoenixcontact | bl_ppc12_1000 | - | |
| phoenixcontact | bl_ppc15_1000_firmware | - | |
| phoenixcontact | bl_ppc15_1000 | - | |
| phoenixcontact | bl_ppc17_1000_firmware | - | |
| phoenixcontact | bl_ppc17_1000 | - | |
| phoenixcontact | bl_bpc_2000_firmware | - | |
| phoenixcontact | bl_bpc_2000 | - | |
| phoenixcontact | bl_bpc_2001_firmware | - | |
| phoenixcontact | bl_bpc_2001 | - | |
| phoenixcontact | bl_bpc_3000_firmware | - | |
| phoenixcontact | bl_bpc_3000 | - | |
| phoenixcontact | bl_bpc_3001_firmware | - | |
| phoenixcontact | bl_bpc_3001 | - | |
| phoenixcontact | bl_ppc15_3000_firmware | - | |
| phoenixcontact | bl_ppc15_3000 | - | |
| phoenixcontact | bl_ppc17_3000_firmware | - | |
| phoenixcontact | bl_ppc17_3000 | - | |
| phoenixcontact | bl_bpc_7000_firmware | - | |
| phoenixcontact | bl_bpc_7000 | - | |
| phoenixcontact | bl_bpc_7001_firmware | - | |
| phoenixcontact | bl_bpc_7001 | - | |
| phoenixcontact | bl_ppc_7000_firmware | - | |
| phoenixcontact | bl_ppc_7000 | - | |
| phoenixcontact | bl_ppc15_7000_firmware | - | |
| phoenixcontact | bl_ppc15_7000 | - | |
| phoenixcontact | bl_ppc17_7000_firmware | - | |
| phoenixcontact | bl_ppc17_7000 | - | |
| phoenixcontact | bl_rackmount_2u_firmware | - | |
| phoenixcontact | bl_rackmount_2u | - | |
| phoenixcontact | bl_rackmount_4u_firmware | - | |
| phoenixcontact | bl_rackmount_4u | - | |
| phoenixcontact | bl2_bpc_1000_firmware | - | |
| phoenixcontact | bl2_bpc_1000 | - | |
| phoenixcontact | bl2_ppc_1000_firmware | - | |
| phoenixcontact | bl2_ppc_1000 | - | |
| phoenixcontact | bl2_bpc_2000_firmware | - | |
| phoenixcontact | bl2_bpc_2000 | - | |
| phoenixcontact | bl2_ppc_2000_firmware | - | |
| phoenixcontact | bl2_ppc_2000 | - | |
| phoenixcontact | bl2_bpc_7000_firmware | - | |
| phoenixcontact | bl2_bpc_7000 | - | |
| phoenixcontact | bl2_ppc_7000_firmware | - | |
| phoenixcontact | bl2_ppc_7000 | - | |
| phoenixcontact | dl_ppc15_1000_firmware | - | |
| phoenixcontact | dl_ppc15_1000 | - | |
| phoenixcontact | dl_ppc15m_7000_firmware | - | |
| phoenixcontact | dl_ppc15m_7000 | - | |
| phoenixcontact | dl_ppc18.5m_7000_firmware | - | |
| phoenixcontact | dl_ppc18.5m_7000 | - | |
| phoenixcontact | dl_ppc21.5m_7000_firmware | - | |
| phoenixcontact | dl_ppc21.5m_7000 | - | |
| phoenixcontact | el_ppc_1000_firmware | - | |
| phoenixcontact | el_ppc_1000 | - | |
| phoenixcontact | el_ppc_1000\/wt_firmware | - | |
| phoenixcontact | el_ppc_1000\/wt | - | |
| phoenixcontact | el_ppc_1000\/m_firmware | - | |
| phoenixcontact | el_ppc_1000\/m | - | |
| phoenixcontact | valueline_ipc_firmware | - | |
| phoenixcontact | valueline_ipc | - | |
| phoenixcontact | vl_bpc_1000_firmware | - | |
| phoenixcontact | vl_bpc_1000 | - | |
| phoenixcontact | vl_bpc_2000_firmware | - | |
| phoenixcontact | vl_bpc_2000 | - | |
| phoenixcontact | vl_ppc_2000_firmware | - | |
| phoenixcontact | vl_ppc_2000 | - | |
| phoenixcontact | vl_bpc_3000_firmware | - | |
| phoenixcontact | vl_bpc_3000 | - | |
| phoenixcontact | vl_ppc_3000_firmware | - | |
| phoenixcontact | vl_ppc_3000 | - | |
| phoenixcontact | vl_ipc_p7000_firmware | - | |
| phoenixcontact | vl_ipc_p7000 | - | |
| phoenixcontact | vl2_bpc_1000_firmware | - | |
| phoenixcontact | vl2_bpc_1000 | - | |
| phoenixcontact | vl2_ppc_1000_firmware | - | |
| phoenixcontact | vl2_ppc_1000 | - | |
| phoenixcontact | vl2_bpc_2000_firmware | - | |
| phoenixcontact | vl2_bpc_2000 | - | |
| phoenixcontact | vl2_ppc_2000_firmware | - | |
| phoenixcontact | vl2_ppc_2000 | - | |
| phoenixcontact | vl2_bpc_3000_firmware | - | |
| phoenixcontact | vl2_bpc_3000 | - | |
| phoenixcontact | vl2_ppc_3000_firmware | - | |
| phoenixcontact | vl2_ppc_3000 | - | |
| phoenixcontact | vl2_bpc_7000_firmware | - | |
| phoenixcontact | vl2_bpc_7000 | - | |
| phoenixcontact | vl2_ppc_7000_firmware | - | |
| phoenixcontact | vl2_ppc_7000 | - | |
| phoenixcontact | vl2_bpc_9000_firmware | - | |
| phoenixcontact | vl2_bpc_9000 | - | |
| phoenixcontact | vl2_ppc_9000_firmware | - | |
| phoenixcontact | vl2_ppc_9000 | - | |
| phoenixcontact | vl2_ppc7_1000_firmware | - | |
| phoenixcontact | vl2_ppc7_1000 | - | |
| phoenixcontact | vl2_ppc9_1000_firmware | - | |
| phoenixcontact | vl2_ppc9_1000 | - | |
| phoenixcontact | vl2_ppc12_1000_firmware | - | |
| phoenixcontact | vl2_ppc12_1000 | - | |
| siemens | simatic_itc1500_firmware | * | |
| siemens | simatic_itc1500 | v3 | |
| siemens | simatic_itc1500_pro_firmware | * | |
| siemens | simatic_itc1500_pro | v3 | |
| siemens | simatic_itc1900_firmware | * | |
| siemens | simatic_itc1900 | v3 | |
| siemens | simatic_itc1900_pro_firmware | * | |
| siemens | simatic_itc1900_pro | v3 | |
| siemens | simatic_itc2200_firmware | * | |
| siemens | simatic_itc2200 | v3 | |
| siemens | simatic_itc2200_pro_firmware | * | |
| siemens | simatic_itc2200_pro | v3 | |
| siemens | simatic_winac_rtx_\(f\)_2010_firmware | * | |
| siemens | simatic_winac_rtx_\(f\)_2010_firmware | 2010 | |
| siemens | simatic_winac_rtx_\(f\)_2010_firmware | 2010 | |
| siemens | simatic_winac_rtx_\(f\)_2010_firmware | 2010 | |
| siemens | simatic_winac_rtx_\(f\)_2010 | - | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 5.5.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.0 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| arm | cortex-a77_firmware | - | |
| arm | cortex-a77 | - | |
| arm | cortex-a78_firmware | - | |
| arm | cortex-a78 | - | |
| arm | cortex-a78ae_firmware | - | |
| arm | cortex-a78ae | - | |
| arm | neoverse_n1_firmware | - | |
| arm | neoverse_n1 | - | |
| arm | neoverse_n2_firmware | - | |
| arm | neoverse_n2 | - | |
| arm | cortex-x1_firmware | - | |
| arm | cortex-x1 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*",
"matchCriteriaId": "CD028C10-FD07-4206-A732-CCAC1B6D043D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2316:*:*:*:*:*:*:*",
"matchCriteriaId": "704FAA50-1B7D-4917-AC4A-4C58785340F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2338:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6B95D3-75BD-4826-BFBE-9701CC0FF052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2350:*:*:*:*:*:*:*",
"matchCriteriaId": "F66E31A6-EA01-40C8-8718-CE2C1F45EEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2358:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBE3B05-2063-49DE-A1D3-9D0A62E0CF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2508:*:*:*:*:*:*:*",
"matchCriteriaId": "022F2CBE-EFB1-4962-AC91-D25AAB057DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2516:*:*:*:*:*:*:*",
"matchCriteriaId": "69C05CD9-551B-46EE-85F8-D18FF878FE8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2518:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCCB5A5-20E3-4EC5-956C-EA7C0F33A026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2530:*:*:*:*:*:*:*",
"matchCriteriaId": "3C38C609-242E-4923-A81F-DAFBE7B6A927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2538:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB08B5-7CBA-479A-A41B-FD8A6D9E0875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2550:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C4FDD7-F2EC-4EDB-ACC9-3D6B9152C855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2558:*:*:*:*:*:*:*",
"matchCriteriaId": "8E51DD0B-1EED-4BE9-B0A7-BE2E91CCA84C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2718:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AC7C56-2205-4121-99E2-001A7488E0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2730:*:*:*:*:*:*:*",
"matchCriteriaId": "A1677313-FF8F-493B-9DA3-C78F87581A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2738:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2A3CCE-FA57-43B5-B7DE-CFD0CC2ECD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2750:*:*:*:*:*:*:*",
"matchCriteriaId": "85CA4444-5103-4451-8A7C-F6BBE714BBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c2758:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1EB745-46D7-4088-93C6-E7156520B144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*",
"matchCriteriaId": "A93010C0-33B3-438F-94F6-8DA7A9D7B451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*",
"matchCriteriaId": "2A988A78-6B3D-4599-A85C-42B4A294D86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7C5EF4-3A92-4AF7-9B11-62B4FFDC5128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*",
"matchCriteriaId": "246AA1B0-B6C8-406B-817D-26113DC63858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*",
"matchCriteriaId": "00EE5B42-FF05-447C-BACC-0E650E773E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*",
"matchCriteriaId": "B0779CC9-BD39-4E0B-B523-A6C69F9EBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0E3C4-7E9B-435F-907E-4BF4F12AF314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*",
"matchCriteriaId": "5D616C72-0863-478C-9E87-3963C83B87E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*",
"matchCriteriaId": "CC333B0D-3A0E-4629-8016-68C060343874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*",
"matchCriteriaId": "6655535C-FF64-4F9E-8168-253AABCC4F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EDEA1E-9A19-4B3F-806E-D770D1AB4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD68F3F-7E38-40B9-A20B-B9BB45E8D042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*",
"matchCriteriaId": "1EACEF19-83BC-4579-9274-BE367F914432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC73291-AA6F-40B0-860A-1F2E6AB1E2AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*",
"matchCriteriaId": "24128A7F-2B0B-4923-BA9E-9F5093D29423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*",
"matchCriteriaId": "0990DD71-9E83-499D-9DAF-A466CF896CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7FEDEF-9772-4FB1-9261-020487A795AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B0F72-DEDF-40C4-887C-83725C52C92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*",
"matchCriteriaId": "9568C222-9816-4520-B01C-C1DC2A79002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2F8FAD-1688-4369-BB4B-9FA9F30A80A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*",
"matchCriteriaId": "53A1F23D-7226-4479-B51F-36376CC80B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3130:*:*:*:*:*:*:*",
"matchCriteriaId": "BAB245C8-9918-41A0-9DFB-A11E4185C87A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3200rk:*:*:*:*:*:*:*",
"matchCriteriaId": "9990DD08-BD81-4BFA-B3D4-0DECBF8CCC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3205rk:*:*:*:*:*:*:*",
"matchCriteriaId": "F752A3C8-18ED-4765-B6EC-C664154EB701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3230rk:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F31C3F-7C0D-4D95-B4B9-89FD38076913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3235rk:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEEE36E-E735-4A33-80B7-9407D072F6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3265rk:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB3D3DE-21BE-40C7-A510-AC97C92390DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3295rk:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9A9545-38A3-460D-AB1A-8B03BEB405A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3405:*:*:*:*:*:*:*",
"matchCriteriaId": "1860D932-777D-41F2-94A2-D14AB1494AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x3:c3445:*:*:*:*:*:*:*",
"matchCriteriaId": "75165A10-2FD5-4370-814C-B60FDE339AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2394E8C-58D9-480B-87A7-A41CD7697FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AC02B-D3AE-4FAF-836E-55515186A462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*",
"matchCriteriaId": "65AAC7A7-77CA-4C6C-BD96-92A253512F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD16C07-0050-495A-8722-7AC46F5920F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*",
"matchCriteriaId": "01423706-C82C-4457-9638-1A2380DE3826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*",
"matchCriteriaId": "A881E2D3-A668-465F-862B-F8C145BD5E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5B9B98-0EF0-4ACD-B378-F9DE5AB36CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDC6806-E4FC-4A6E-A6BB-88C18E47ABFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*",
"matchCriteriaId": "6602DD69-E59A-417D-B19F-CA16B01E652C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*",
"matchCriteriaId": "05C493EE-EF9F-47E2-8F88-86DF6C5F1FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*",
"matchCriteriaId": "40010DAE-DD1A-4A81-B6E9-EDC1B0DDCAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*",
"matchCriteriaId": "ED96AC16-12CC-43F6-ACC8-009A06CDD8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE9DC29-C192-4553-AF29-D39290976F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*",
"matchCriteriaId": "F625E647-B47E-404C-9C5B-72F3EB1C46F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AF3279-89E7-4C91-8C5F-5AD5937CD0C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*",
"matchCriteriaId": "B5878612-9825-4737-85A5-8227BA97CBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*",
"matchCriteriaId": "F453D348-28CE-402B-9D40-A29436A24ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*",
"matchCriteriaId": "36322F4B-83D7-468A-BB34-1C03729E9BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD22811-C3C6-4B5E-98D5-D3F2240E6C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C7D0BA-8F07-42AD-8BB9-C65472BE41C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A2A50E-94FA-44E9-A45D-3016750CFBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*",
"matchCriteriaId": "5625CAD8-4A62-4747-B6D9-90E56F09B731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*",
"matchCriteriaId": "43A234CE-D6AA-4A32-8425-1A4DDA0F6B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE1A01-3AEF-41E6-97EE-CB93429C4A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*",
"matchCriteriaId": "410184AF-B932-4AC9-984F-73FD58BB4CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*",
"matchCriteriaId": "B265F073-9E0A-4CA0-8296-AB52DEB1C323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*",
"matchCriteriaId": "3F664223-1CBC-4D8A-921B-F03AACA6672B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*",
"matchCriteriaId": "987A8470-08BA-45DE-8EC0-CD2B4451EECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBC9542-FB77-4769-BF67-D42829703920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*",
"matchCriteriaId": "74FDC18B-4662-422E-A86A-48FE821C056F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB4AA2C-D1D9-44D8-9471-66EBDE9DC66D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA3E7AE-CB74-48A8-A2B8-9FCADB6E40D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*",
"matchCriteriaId": "78E4461B-72F8-4F3D-A405-4AFA99EC8A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*",
"matchCriteriaId": "663DDC1C-E48A-4E84-A6CC-B46FC45D6A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEEC75B-10CE-4B7E-BA5F-6D661EC07FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEDED56-9387-4DAC-BF52-C32ECCB7D407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*",
"matchCriteriaId": "FA13F31C-BBD9-48C7-8499-92D0B5CA8CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*",
"matchCriteriaId": "E57A9B28-734B-401D-B24C-A295F364D8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*",
"matchCriteriaId": "F02289DF-4A02-4602-89B7-E9148236EE1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*",
"matchCriteriaId": "723E7155-493D-4B5A-99E2-AB261838190E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*",
"matchCriteriaId": "82E37264-E4BA-4D9D-92E7-56DE6B5F918F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*",
"matchCriteriaId": "8704BE6D-2857-4328-9298-E0273376F2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*",
"matchCriteriaId": "731F1E65-1D53-443B-8E2F-8AF11191AFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*",
"matchCriteriaId": "02A83822-822D-4A4D-B29B-A5BE6367A7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C32738-F08E-469C-8DE0-2708F30574A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*",
"matchCriteriaId": "B292187E-8EAD-49D2-B469-B14CA0656035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D131E1-24C1-48CF-B3DD-46B09A718FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABF1231-73CF-4D1B-860C-E76CD26A645E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F88E38-4EC4-41DB-A59D-800997440C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*",
"matchCriteriaId": "32FD6647-4101-4B36-9A9A-F70C29997148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*",
"matchCriteriaId": "D248D668-A895-43B3-ADEF-1B22EE7DC76E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*",
"matchCriteriaId": "858411B5-E904-45FA-8B33-5CC73B915B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB9336C-C893-4AB0-9402-868CE9960058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*",
"matchCriteriaId": "A4695F94-7AAE-4219-9EF6-CE6D0838192D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7A0991-73F0-410D-855C-BFC88A66E61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF5CF9A-B3F2-4686-B933-7DB13AD2CF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*",
"matchCriteriaId": "9858EAC3-C1CE-449B-A605-FFA337DA825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A8F905-A4C6-4EC6-B9E8-800948350B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*",
"matchCriteriaId": "565B48E3-1406-4E3C-B4A5-35865C5614E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*",
"matchCriteriaId": "46B6C4D7-B0A2-4DF1-B8DE-19C806D5FABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB82A90-C0BC-4BA8-88CA-4967BC3A4A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*",
"matchCriteriaId": "191A094B-E354-4767-AD43-87CE140BF851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*",
"matchCriteriaId": "C1289B9E-5725-42EF-8848-F545421A29E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*",
"matchCriteriaId": "238A21CB-F8C5-468B-B523-6D014E2EA8AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC52CDD-614D-4EA0-8DA8-D71189C42E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*",
"matchCriteriaId": "A4229DB2-8BBC-49F8-87A8-2E7D56EFD310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBA7322-4D95-4E70-B6A5-E0D8F1B5D7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E91F46-D950-4894-BACF-05A70C7C6F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*",
"matchCriteriaId": "0E12B40B-5221-48A6-B2A6-D44CD5636BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCB77C9-ABE3-44A0-B377-7D7035E8A11F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*",
"matchCriteriaId": "D06639F5-5EE8-44F4-B48A-5694383154DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9662C9-59D3-4B3E-A4DA-4F1EE16FC94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*",
"matchCriteriaId": "637C3687-FBCC-41A0-BFE6-823BAE45FB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*",
"matchCriteriaId": "2350A197-193F-4B22-80E8-3275C97C78EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*",
"matchCriteriaId": "734C7A7E-ACCA-4B34-BF38-0FAED988CC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9ABAFC-B3B5-449D-A48E-2E978563EDE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*",
"matchCriteriaId": "99019EA0-6576-4CE7-B60A-975D418AA917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E846AEF-751D-40AD-84B5-EFDC9CF23E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9DD909-B2AC-46BA-B057-D239D0773CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*",
"matchCriteriaId": "54F5C355-FDFC-4E71-93AA-218389EF10E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A1CA1E-971D-4F67-864E-2E772C1E736B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5F8391-D974-49AC-8550-ADB3FA6C0535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*",
"matchCriteriaId": "8302BF58-9E54-40DA-BCFE-59CA52C460D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*",
"matchCriteriaId": "ECCDE9EF-037B-4650-8131-4D57BE141277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*",
"matchCriteriaId": "47BA9DA8-F690-4E3C-AEF6-6A5C7BAA6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8253DA-9A04-40D6-84C1-C682B4023D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF6D175-85C3-4C72-AD9F-31B47EF43154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5FC594-2092-4240-9538-235BBE236DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*",
"matchCriteriaId": "87D95F00-EA89-4FDE-991C-56636B8E0331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*",
"matchCriteriaId": "32C40D38-F7F2-4A48-ADAA-6A8BBD6A1A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*",
"matchCriteriaId": "4158561F-8270-42D1-91D8-E063CE7F5505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0DEA96-0202-41EB-BDC3-24E2FC4415B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BACE1C-5D66-4FBC-8F86-30215A623A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*",
"matchCriteriaId": "CF707146-0D64-4F3A-AE22-956EA1CB32B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*",
"matchCriteriaId": "8118C3F9-0853-4E87-9E65-86E1398B2780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*",
"matchCriteriaId": "1A298501-C4D7-48D4-90F9-15AFA59DED48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE1B07B-3D92-4D2D-8667-D902F002277F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*",
"matchCriteriaId": "8F05CB19-1059-4C4D-BFD7-9F51A22A4F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*",
"matchCriteriaId": "5588732F-7F1A-4C24-B35F-30532107FFDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*",
"matchCriteriaId": "A127DD5D-426D-4F24-A8C5-DC9DAC94B91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*",
"matchCriteriaId": "26EE0BBD-3982-4B0F-82F6-D58E077C75DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEEC918-EA25-4B38-B5C3-85899D3EBE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*",
"matchCriteriaId": "813965F4-3BDA-4478-8E6A-0FD52723B764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5EA2F4-F3EF-4305-B1A1-92F636ED688F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*",
"matchCriteriaId": "04384319-EE8C-45B4-8BDD-414502E7C02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*",
"matchCriteriaId": "C52528CE-4F31-4E5F-8255-E576B20F3043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C3F422-F865-4160-AA24-1DAFAE63729C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*",
"matchCriteriaId": "5D034E7F-4D17-49D7-BDB2-90CB4C709B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*",
"matchCriteriaId": "3C18E6B4-E947-403B-80FB-7095420D482B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*",
"matchCriteriaId": "2814CC9F-E027-4C5A-93AF-84EA445E6C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*",
"matchCriteriaId": "24A470C3-AAAA-4A6E-B738-FEB69DB78B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*",
"matchCriteriaId": "A1236944-4942-40E4-9BA1-029FEAE94BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*",
"matchCriteriaId": "086CAB4B-A10A-4165-BC33-33CADCD23C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A6A1EB-B3AB-4CB4-827E-CCAAD783F8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFB6B30-BFB0-4397-9E16-37D1A772E639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCB9D7B-7D0A-435D-8499-C16BE09E19FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*",
"matchCriteriaId": "64277594-9713-436B-8056-542CFA9F4CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*",
"matchCriteriaId": "589BB170-7CBA-4F28-99E3-9242B62E2918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*",
"matchCriteriaId": "91B9C4D9-DA09-4377-9DCD-225857BD9FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*",
"matchCriteriaId": "03D0265F-840B-45A1-90BD-9ED8846A9F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*",
"matchCriteriaId": "74BAC0EC-2B38-4553-A399-4BD5483C4753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*",
"matchCriteriaId": "4477EBA6-F0A7-452B-96E8-BA788370CCA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*",
"matchCriteriaId": "1285D817-B5B8-4940-925D-FCDD24810AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*",
"matchCriteriaId": "D289F7B4-27CD-4433-BB45-06AF98A59B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*",
"matchCriteriaId": "00168903-6012-4414-87D1-2EE52AA6D78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8D524-577E-4994-8A4B-D15022C84D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*",
"matchCriteriaId": "75977B0B-C44D-43BC-8D7A-AF966CDB1901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7F5D52-9F41-49A4-B941-E0D777203FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*",
"matchCriteriaId": "52B5B3FD-5BEA-4DE8-B010-55FED1547167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*",
"matchCriteriaId": "167B1B04-5823-4038-A019-3975A3B447C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C7A4EA-0B5E-47CD-8924-3B1B60EB4BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA096E0-5480-47CB-822B-D11D7E20F69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*",
"matchCriteriaId": "30357469-0B8F-4385-A282-2F50181EA442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE70772-7796-4594-880A-6AAD046E4D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E2F8D-2974-4833-9EC2-233CEE257C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*",
"matchCriteriaId": "17EE3078-454F-48F8-B201-3847DB40D5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*",
"matchCriteriaId": "EE32C500-55C2-41A7-8621-14EBF793BF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3DF52-501A-4656-98F1-8DD51D04F31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA603AD-6CF1-44B2-876D-6F1C0B7EF2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*",
"matchCriteriaId": "09578301-CF39-4C24-951A-535743E277EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4D14AA-7DBF-4B73-BDEF-6248EF5C0F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*",
"matchCriteriaId": "5A65F303-96C8-4884-8D6F-F439B86BA30C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*",
"matchCriteriaId": "1E046105-9DF5-425F-A97E-16081D54613C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*",
"matchCriteriaId": "B2987BCF-39E6-49B6-8DEE-963A38F12B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEDE2B7-9AA2-4A14-8A02-9A2BFF0DDCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD92AD8-033A-4AAD-91E5-CB446CCE9732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*",
"matchCriteriaId": "77E0E73A-F1B4-4E70-B9F1-EE97785B8891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*",
"matchCriteriaId": "61D6E3CC-79B1-4995-9A76-41683C7F254A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CEB2B1-BD1A-4B89-8E03-4F90F04A0F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE5773D-3CD1-4E63-8983-E0105C46D185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7C307A-6576-4A0A-8F4E-0981C9EE2901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*",
"matchCriteriaId": "18B3A53B-902C-46A5-8CE7-B55102703278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*",
"matchCriteriaId": "AB843479-729A-4E58-8027-0FC586F051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF5A233-1E77-49FD-AC2C-60D185481E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*",
"matchCriteriaId": "18519CF2-B0DA-42DD-8A3E-9084298C210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*",
"matchCriteriaId": "329D5FCF-7EC5-4471-906B-3619A180BD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD43EAA-F3A5-4748-9187-A6E6707ACD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F3C14D-4BFC-4205-8781-95E6B28C83C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*",
"matchCriteriaId": "20942AD8-ADB7-4A50-BDBE-DB36249F4F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC6ED02-134B-4322-AB72-75A0AB22701E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA74EEE-54CC-4F80-B1D3-99F7771335ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC76F31-00A5-4719-AA50-92F773919B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
"matchCriteriaId": "49996F5A-51B2-4D4E-AE04-E98E093A76CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8406B0-D1E5-4633-B17E-53DC99FE7622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
"matchCriteriaId": "3D49435C-7C33-454B-9F43-9C10F28A28A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
"matchCriteriaId": "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
"matchCriteriaId": "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
"matchCriteriaId": "ED44A404-8548-4EDC-8928-4094D05A6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AAD8F0-0D31-4806-8A88-A30E5BE43630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
"matchCriteriaId": "8164EE5F-6ABA-4365-8718-2F98C2E57A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
"matchCriteriaId": "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
"matchCriteriaId": "2A06696D-37F0-427D-BFC5-1606E7441C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
"matchCriteriaId": "68A76015-0A05-4EC7-B136-DC13B55D881F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
"matchCriteriaId": "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*",
"matchCriteriaId": "54464F6C-9B2D-46BA-AC44-506389F3EE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA11017-EA58-45EE-8408-FCCCF7183643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5098A5-E4E8-47E4-8CD0-F607FF0C0C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*",
"matchCriteriaId": "442AD778-D56F-4C30-BBF8-749D6AAC4737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D3F31-AF4D-4C50-8590-A763AAC7AF07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*",
"matchCriteriaId": "445BFC2E-38FA-4130-8550-0866EC4EDA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DC2746-CE41-40C9-8CFA-23231BBCAE77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3A8976-5E4D-490A-A87D-A47D1B2B903C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8535E6-220E-4747-8992-45B6EAFC555C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*",
"matchCriteriaId": "C7479B49-F484-4DF2-86CB-E52EE89FA238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D68512-746D-4E95-857B-13A0B6313C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*",
"matchCriteriaId": "4312BA84-F9A0-4BD4-8438-058E1E7D6C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*",
"matchCriteriaId": "60E52DF5-C713-4BC4-B587-FF6BDA8509CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*",
"matchCriteriaId": "304ADCAC-9E49-42BD-BC92-58D9B2AD52E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB02172-B9A7-4801-88F2-98BF5843184A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
"matchCriteriaId": "5141380E-BD18-47C1-A84C-384BA821773D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE6C49E-2359-4E44-9979-7D34F8460E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
"matchCriteriaId": "C004B75F-37AF-4E61-98F3-1B09A7062DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
"matchCriteriaId": "F7126D19-C6D9-43CB-8809-647B1A20E7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC98503-A80A-4114-8BF2-E016659BE84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
"matchCriteriaId": "01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
"matchCriteriaId": "3821412D-B010-49C4-A7B4-6C5FB6C603B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
"matchCriteriaId": "A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*",
"matchCriteriaId": "5CEB5D2D-FF54-4BDB-9E9C-8C1B2719FC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD5B51A-AEA0-4DA2-BA60-94A2D5605352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C6CA0-434D-428F-B629-A971C2937628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*",
"matchCriteriaId": "301AB72A-A6F2-42C8-A931-94EF2271443F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*",
"matchCriteriaId": "59414B5A-05B8-49AF-A197-2A31729DDB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFDD380-692F-41D7-996F-F97FC74DC7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*",
"matchCriteriaId": "49602828-2BFC-4571-9F05-6210FD263DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*",
"matchCriteriaId": "87E03978-E16D-4A9B-8AE7-9F4F1171C14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*",
"matchCriteriaId": "03096A9A-5758-47E6-81E2-BCFE847C41F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*",
"matchCriteriaId": "150CC865-7975-45EC-BFF7-A94146442BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA1308-589B-432B-80F9-9A499D083ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED2453E-30E1-4620-BEC5-21B0083449E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE8DD05-D700-4F89-9B01-D489029DF7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*",
"matchCriteriaId": "050957CA-6191-4F9F-9D07-48B342B3B1B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*",
"matchCriteriaId": "DACBF998-8B11-45C7-9017-486AED4FAE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F2F3C4-FC94-414A-A208-913A43D57D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*",
"matchCriteriaId": "641152EC-F4B4-4E5E-B396-AC4CAAB805BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*",
"matchCriteriaId": "4911E332-B8BA-4336-A448-3F70D2BBB147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*",
"matchCriteriaId": "330EC403-3174-4543-9BBE-CEC0ABC1575D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF585D0-507E-491E-9C3B-78EE26F2F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*",
"matchCriteriaId": "DD00F7C6-6762-4DC9-9F6C-5EAC4ACB1C54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5D885A-85C4-4A11-B061-61EFF6B6E329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*",
"matchCriteriaId": "0502B59F-933C-4E25-A2EC-9296B197E139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*",
"matchCriteriaId": "99D9C0A9-2DFF-4760-8FED-AC2DA7968E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A1BAEC-18BF-4607-BFB7-48102E75186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*",
"matchCriteriaId": "D49ED138-F42D-4451-A350-0B2DD5AB9444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED91472-90FC-4AC8-96D5-1550A8502411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*",
"matchCriteriaId": "57CEEFA6-CEED-4CA3-8DDC-B6601D69FB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD25ECD-0605-4CD7-9DC5-294ACD7EF1B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*",
"matchCriteriaId": "2784E2AF-A5E5-4960-830C-B3EFB84043D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*",
"matchCriteriaId": "9112FA50-5527-4B20-80F5-2DE9E66D09F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*",
"matchCriteriaId": "73CE4E2E-B2BF-409E-B18C-D67DA810FE9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B84D67-0B1D-4B74-BC85-AF8F933D8429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA05A18-1523-4EED-9D2E-0A258A33F24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*",
"matchCriteriaId": "C34E70EB-92F0-43F6-8883-FE422BE1A3FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*",
"matchCriteriaId": "78D301F1-20C2-4756-9A90-37F14835CE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EEC8B5-1CAB-4FBE-BBA2-D2FFA3EF9489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*",
"matchCriteriaId": "BA63B803-4D48-42E8-A793-F92ABCB8BFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*",
"matchCriteriaId": "129DB9CB-E878-4856-A954-15FFE1428636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*",
"matchCriteriaId": "730DB4AA-FD7D-40C6-8D7F-19937832EF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*",
"matchCriteriaId": "07E86978-4820-422A-8C7C-FF0697DAED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A9DB5-F544-4FD8-A9CC-0BD6257516AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*",
"matchCriteriaId": "AF813AD9-D296-4915-861C-8DE929E45FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*",
"matchCriteriaId": "04A65469-083F-40B5-86C5-A2EAE5B2F00A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1AA82E-BD86-40F5-B417-71DF6AF53A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*",
"matchCriteriaId": "B71A6DB0-5EB0-4712-8480-CF427F521D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*",
"matchCriteriaId": "8223D5A1-ADF1-43C6-AF91-EE5C413BCB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD69605-F52B-4623-921A-983A5A408ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D5685F-6FFE-4A6A-9FF8-940C8DA36499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*",
"matchCriteriaId": "B94062D9-8DDA-4B4A-B3B5-07F71F5B97E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*",
"matchCriteriaId": "3832D0A6-419D-4876-B5C4-920578F713F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AA5C8A-83A8-4F96-9D7C-7A50ADDB2341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*",
"matchCriteriaId": "404E38E6-9EB3-41D0-97A7-DC579688BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*",
"matchCriteriaId": "40E4A921-AB28-47B7-B5A3-EB82193D15BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*",
"matchCriteriaId": "B0357E48-2300-47B4-B9E5-9FE813A2FC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*",
"matchCriteriaId": "96CC28B6-57D1-4919-AA55-A262CC16AFE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB4C54D-1265-425A-B507-E1099844875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*",
"matchCriteriaId": "97362147-3A71-430D-9064-4435D45C3B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*",
"matchCriteriaId": "89212CF3-4E99-4389-94CE-F4211DDCA01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEA4DA3-0AFB-4FCE-92DB-5B316775BB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*",
"matchCriteriaId": "611C0A0A-1FA3-42F9-82E8-BFCB71A077DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*",
"matchCriteriaId": "36F027D9-DCB4-4A3D-8987-41F2941DBD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*",
"matchCriteriaId": "E23BCEC9-2BFB-4B41-9A7A-18B1347C6202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*",
"matchCriteriaId": "4924CE39-A846-4DB4-9547-6322FC5AD6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9E2C9A-94A1-456B-90D5-54932DF64C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*",
"matchCriteriaId": "AC04C652-B2D8-4002-A50E-8AFE83204A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*",
"matchCriteriaId": "10D413F0-CDBC-4A63-B9A7-9E7725BA1E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*",
"matchCriteriaId": "754A8826-59F7-4A71-B74B-737BE9C7DE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*",
"matchCriteriaId": "FADB6BDA-6825-489B-AB39-7729BA45DFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*",
"matchCriteriaId": "7913F57E-E600-4767-AF51-D045E1898E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3783F4-5A05-45AA-9791-A681011FD78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*",
"matchCriteriaId": "01E3114D-31D2-4DBF-A664-F4049D8B6266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EE6578-981D-470C-BB24-4960B3CB1478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*",
"matchCriteriaId": "E3320D50-C5C9-4D75-BF1A-5BB7BCBFE2BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE59839-8EB9-47FE-88E2-F0D54BE787A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*",
"matchCriteriaId": "75694A3D-080A-4AA7-97DF-5A5833C9D9F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*",
"matchCriteriaId": "19C5E27D-BBAB-4395-8FC6-8E3D4FB9A1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*",
"matchCriteriaId": "6E996176-3DEA-46E6-93B7-9C0DF32B59D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*",
"matchCriteriaId": "4417007D-126A-478B-87EA-039D088A4515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*",
"matchCriteriaId": "F78C2825-F6A3-4188-9D25-59EAEC8A7B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2FA85D-B117-410D-B247-8C5A3479319A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A041D27-132C-4B15-976F-1750C039A89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*",
"matchCriteriaId": "5D495E06-BF2B-4C5A-881D-94C93CD2BA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*",
"matchCriteriaId": "7C31DFB8-8D8C-47D6-AAFF-BAE829A3D965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*",
"matchCriteriaId": "088BC395-06D5-4156-85EB-63C4A9552898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*",
"matchCriteriaId": "33A220A2-A6D2-46A7-B168-607400EEDCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*",
"matchCriteriaId": "1E79232F-7196-440B-82D4-165885251232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*",
"matchCriteriaId": "ED866954-77AB-4CA8-8AED-4252C595FC4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*",
"matchCriteriaId": "28A1F516-B180-45D4-8EB1-754B7497CB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*",
"matchCriteriaId": "36758A04-64D3-4150-A004-CF042FA31CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*",
"matchCriteriaId": "1E01752E-F1DD-400A-A917-216CAF15B0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*",
"matchCriteriaId": "AD47EC58-F776-4F59-8F15-4B208904CF4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3781F4-2123-4FA1-8AF5-D0D1E6C1A5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*",
"matchCriteriaId": "94565E35-8A58-4CB6-A489-C796DCB97FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*",
"matchCriteriaId": "49964D35-5323-4412-BD54-661630F9A8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A37E7D-1BF6-4A2A-BF52-5F0EC4B4F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F66468-87D0-41FC-934B-5924BE2956CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0F93E1-4607-4DF4-AC6E-4B7254D4A8DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*",
"matchCriteriaId": "45C0D99E-443E-4AB1-A07A-900A09FE177E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D0FD76-C1FB-43D0-8511-FC0BA6DA7960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DAEE52-09C3-4A09-9958-9D6807B2700B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*",
"matchCriteriaId": "B97690D4-E814-4D40-B170-BE56D7AE2C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*",
"matchCriteriaId": "89804F2C-D32D-4444-ABEA-5B241153D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*",
"matchCriteriaId": "2AAAAF9C-B29B-4020-BAFF-C87B1A08294A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE60E1E-AB8D-46E4-A779-A54F2D20B5D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*",
"matchCriteriaId": "EB958A28-7C9A-4BD0-B002-4E1A65CDB0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27B318-2AC1-423D-B0C8-583BB1800D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*",
"matchCriteriaId": "9E58E3D0-1154-4B13-BA16-67CE67DF0637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*",
"matchCriteriaId": "32D2ACB3-B906-4944-A021-03C4645965BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFF834A-D7F0-4E48-AD3D-DD0BCE6DEC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1A41BA-A1D6-484A-BAD2-68DF85598354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*",
"matchCriteriaId": "11260C9D-69A9-4D81-9CCF-2E116DD75F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020F06-FD27-46E3-A48F-3F60F33BB969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*",
"matchCriteriaId": "03C74F10-6A7F-4F68-8A34-E981E1760DE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*",
"matchCriteriaId": "24741B98-8D0E-4307-AAEF-A14B2531DCA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4FA4BA-4304-4A70-9F86-120F2A3D8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*",
"matchCriteriaId": "367FC8BA-F046-4264-A049-49E933E7698F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9B68D3-1DFB-4468-85C4-AC13E6CBC111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*",
"matchCriteriaId": "C966A016-B650-44D9-B8C4-1ED50AB318DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*",
"matchCriteriaId": "DC448FF0-6D3F-4609-864B-4191905EE2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
"matchCriteriaId": "758A14DB-1BAF-442A-BA7C-5E9C67847BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
"matchCriteriaId": "61309100-CFA7-4607-A236-8910838AA057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
"matchCriteriaId": "82D76265-7BD0-4C51-AE77-22B22524DE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DE38B195-BB8D-4747-881D-E8033760B4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA8BE76-168D-48A3-8DF6-E91F44600408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
"matchCriteriaId": "3B656975-5D71-4712-9820-BDB7BC248AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
"matchCriteriaId": "FA045267-114D-4587-B6D7-E273C28DC9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
"matchCriteriaId": "77018415-E122-406E-896D-1BC6CF790BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
"matchCriteriaId": "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E1C012-3E05-44DB-B6D2-BFD619C034B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
"matchCriteriaId": "15D689D6-8594-42F2-8EEF-DCAEBA885A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
"matchCriteriaId": "A6446000-0494-4DC5-ABAA-F20A44546068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
"matchCriteriaId": "99B94EEC-6690-45D0-B086-F4A5B25C25CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
"matchCriteriaId": "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
"matchCriteriaId": "832AB3CD-E3A1-4CCB-A210-287973563D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
"matchCriteriaId": "99C4221A-9994-43B3-9C7A-E13815A50A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
"matchCriteriaId": "20070B1D-B91C-40BA-A9D8-E80170A2933F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
"matchCriteriaId": "A70129C9-371F-4542-A388-C095869E593A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DE25F-168A-4C67-8B66-09F61F072BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
"matchCriteriaId": "58157F24-D89E-4552-8CE6-2F01E98BD1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
"matchCriteriaId": "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A5EC79-1B21-4BB3-8791-73507BC8D4DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0387587-AAB6-4284-8516-4DA3E3582D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
"matchCriteriaId": "A238C975-9196-449F-9C15-ABB2E9FD1D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
"matchCriteriaId": "6F17F4A5-120B-4E00-97C8-8A85841ACBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
"matchCriteriaId": "2537F047-64C9-4E73-B82C-310253184183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A55857C-649D-46CE-AEDA-6E553E554FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA4892D-AFDF-4441-821E-5EBF7F64C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
"matchCriteriaId": "327E06A3-7F0E-4498-8811-10C8D15398FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
"matchCriteriaId": "1624E6D6-858E-4085-B0B9-362B819EFD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
"matchCriteriaId": "50D61F4A-40F0-477C-8326-7359D3626E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
"matchCriteriaId": "1455B4DE-7F1C-4CF2-AE02-2EDD20025D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
"matchCriteriaId": "5B215788-860B-46CD-9A08-43AFF98FAEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EB132B-000C-4A17-AFB3-19F40A73D2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4815AE-B635-4545-83C2-5EC4E0128337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C0046C06-E3E6-4674-A4D1-332DD29D9552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
"matchCriteriaId": "2C191851-3DC3-41C7-AD89-81F091CCC83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
"matchCriteriaId": "21126922-8E81-47F4-82D4-CBCDDACEC4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
"matchCriteriaId": "209E18B0-BBB5-4C65-B336-44340F7740DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
"matchCriteriaId": "C867C0B8-91A4-482A-B7DD-54AB9599AE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
"matchCriteriaId": "30F03843-8A51-4CE1-BE6C-994BDE3A8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
"matchCriteriaId": "09854948-2657-4261-A32A-0523058F072E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*",
"matchCriteriaId": "D13904A5-266D-481C-A42A-734C3823A238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC82FCB-0541-45C4-8B7E-CB612D7F702A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*",
"matchCriteriaId": "6C18BD84-5E9C-4C9E-B0AA-2CEB0D7A58C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*",
"matchCriteriaId": "0F5ABC7E-C4E0-4850-A1E6-07EBCF4A87D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*",
"matchCriteriaId": "501E9355-0CDD-4951-BCC3-47962788BCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D976D9-62F0-43C3-8359-E51E26B6CD87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*",
"matchCriteriaId": "02AFBCD0-9B4B-4CA3-8FA9-D8B6ECB24894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*",
"matchCriteriaId": "64ADE9AF-196F-4E0B-BC66-7DE0183F9032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*",
"matchCriteriaId": "C90CCA48-1705-4564-AAF9-271201BD5113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*",
"matchCriteriaId": "0B82BAFF-17F5-465C-8032-67D5ECAB2921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*",
"matchCriteriaId": "1F694FEC-B97D-4BDA-ADFA-751E8BFB7CD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*",
"matchCriteriaId": "F831371E-7437-48D7-8281-1F406215041B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4F06B5-615A-464A-A0C4-7AABEE8530CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*",
"matchCriteriaId": "92AF503A-A2B1-4FC3-858B-264049ADF0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*",
"matchCriteriaId": "E702C7EC-B1D9-4BDF-B334-2004CD76B52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*",
"matchCriteriaId": "E39F31D6-DC4B-46FE-BE5D-EA612D915A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*",
"matchCriteriaId": "51CB8036-5F36-4CD4-9B3E-D2401F2E64F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*",
"matchCriteriaId": "F9849BA3-3990-4E30-B99B-ADD043314CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*",
"matchCriteriaId": "A20FB18A-D3DA-4DE9-BEFF-75B7AB9B9A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*",
"matchCriteriaId": "7A67CD6F-5E4F-4E69-A2A9-A4033DCE08EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*",
"matchCriteriaId": "A0A22E92-1EA7-45D9-AC86-EC3D9664C294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FA2911-6561-47BF-BEE8-DDA31642C346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA6CA23-6F2B-44D5-B2DA-4F142BA3E48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*",
"matchCriteriaId": "0F829DED-4D92-401A-BD80-C070DE57FC7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*",
"matchCriteriaId": "F560575C-FD8E-485D-B50A-572604BBE903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED8C51B-AE59-46DC-85F9-6D3B2891CB3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*",
"matchCriteriaId": "1A38D00A-B9DC-44DF-8247-70355FF9A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*",
"matchCriteriaId": "381EFC43-D5D9-4D10-90BE-4C333A9BA074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*",
"matchCriteriaId": "CBEDED18-2755-4C55-A1A1-04B4D5F40276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*",
"matchCriteriaId": "F04B57EC-0731-40C8-939F-1C686A65A0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB301FB-EB3E-4F5F-868D-5B66CC7E1E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1D28F9-B135-441B-A9BF-792DD356E374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*",
"matchCriteriaId": "4D01CE3E-5C89-4FC0-9097-CAC483ACD441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDD55C4-AFCD-4DF2-921C-DDC1D7556DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*",
"matchCriteriaId": "8F52334F-BE6A-4FD4-9F63-AE9BB017115B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C9BCC3-B9A6-4195-BF2F-E7BBCE8DC269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4DFFA7-AA0E-4D7E-97B8-13389FD47D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*",
"matchCriteriaId": "707F6671-57AC-4DF4-8024-444502E5C92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1FCE07-F9E8-4B14-95CE-01784D472128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*",
"matchCriteriaId": "C208711F-FC06-46C8-8849-27054DC1B264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB8041-F201-4BB3-AAD9-199B06697DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*",
"matchCriteriaId": "D75C474C-D5EF-42D6-9B2A-A504BEFCB982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*",
"matchCriteriaId": "1F566CD3-3649-492B-B0AB-A107E51675B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9F3D74-AE72-4FC5-83E9-890781AF3093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8EA6A7-4AB8-487E-B5DD-9989CC5F1CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*",
"matchCriteriaId": "DF63DDC8-A0C1-482B-92F2-CF6135E8C2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C69918C6-7AAD-4AA5-AB72-C275367B1008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*",
"matchCriteriaId": "06155B0B-A5AD-4A82-8C02-D264981687A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*",
"matchCriteriaId": "F76C19A4-FA26-432A-9443-9F92B2A946EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*",
"matchCriteriaId": "99BEE9BE-E49A-489B-B333-95D0993F8FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*",
"matchCriteriaId": "7427A678-EC47-4030-B905-619DD95F5A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*",
"matchCriteriaId": "86749716-1C9F-4C2A-B2A7-E62DEC10EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*",
"matchCriteriaId": "FD000B53-06DA-4ED4-B0EE-9CB201B75C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*",
"matchCriteriaId": "A8424463-C329-4BAA-8AA1-25CD8B63292E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*",
"matchCriteriaId": "52727E62-0048-4C56-BC8C-B3450D257B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8223AA-F077-45FD-A7E3-3C2C1A8F6E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA34B50-2330-4D77-BF1A-6F05F3EF222C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "F6421F69-1076-43D2-B273-DE80FB2D5F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EDA9E2-CFE7-4917-BE48-A83208BDF0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*",
"matchCriteriaId": "9A34E7FC-93A4-45F2-A7B6-4A8ABFCAB0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*",
"matchCriteriaId": "7E611EDD-D44C-4311-B681-431D7C574528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E1B6AA-2F9A-43A8-9147-2BD9474E54C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*",
"matchCriteriaId": "1886D007-85B6-4E5A-968D-A1FD476A08A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDDCB65-4404-49BC-9515-ECECD58A667F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8D3E00-64C3-407A-9B00-8B6E383F73FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1B00A1-9C15-47C2-9F57-66586DEACC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5BF932-459F-4DD2-B160-5FE0371C7D83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*",
"matchCriteriaId": "A58ACE96-F1BE-4261-8F94-FC3C6E7C7561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*",
"matchCriteriaId": "783D6EA7-C016-4314-A87B-4FED1DC7114B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0176F-FFAE-4A85-9327-CE72FE059E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*",
"matchCriteriaId": "A56970C7-F8D3-41B2-A78B-0C7F4A2A4E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*",
"matchCriteriaId": "26D4CE1F-86C8-4E48-9146-9DB57BF540FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7F9D65-5537-4C25-B02B-2393F60D1299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*",
"matchCriteriaId": "F09C8A92-820D-4572-A797-180E17A7DEB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7D77A2-0D9A-4D0D-B0DC-152757917BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*",
"matchCriteriaId": "A07D3F1A-16CE-461F-A2F4-80FE5F841CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04557A-C508-4FAD-A535-1C0AEFF08075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "6AFAE489-6679-4705-BF9C-BB6D385A1DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*",
"matchCriteriaId": "429A99C8-BC55-4887-893C-7124C1A5DB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A2B709-CC19-4116-A5BE-5DB5C8B45A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D79DAC74-1F28-4EC8-B417-3FAFFB74C4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1F1377-6220-43FB-BEF9-BAA7B0158147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*",
"matchCriteriaId": "18422CA8-3000-46B1-9065-2369E6B0BE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*",
"matchCriteriaId": "5D558C66-E80E-4FC7-A0DF-485466390C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EA9AE-9E70-47B5-AD9B-0DF13A0939E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*",
"matchCriteriaId": "860F22F6-4C87-47C5-965E-02A1AFF41A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*",
"matchCriteriaId": "19A2CA86-BFA8-4C78-987D-AD26F32622F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF64E0A-CDB0-427E-A96F-095EFEBA0A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*",
"matchCriteriaId": "425F6D34-EE60-464B-8EA6-8116EDAA1219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB9F657-1239-4424-A2E8-F8BD98C0095E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*",
"matchCriteriaId": "F631403C-0A67-42CB-815C-133EB87E0C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4A5A57-B1A2-4BBA-AC36-7EA7DF9CDE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*",
"matchCriteriaId": "0453C0EA-BA67-49D5-964F-35493F97D905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4D237E-ACB7-4382-AF5B-D27E634BF867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*",
"matchCriteriaId": "B5461EB2-2958-4923-86AF-C74D449120B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*",
"matchCriteriaId": "45C22141-E698-4E38-AF50-9CE04C1168FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*",
"matchCriteriaId": "49D0E470-427D-4A68-AFD2-982A4F7CE2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*",
"matchCriteriaId": "43AB50F3-14AC-44BD-B7F0-A683C5FD1A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*",
"matchCriteriaId": "713C4B7A-C38A-4818-A258-D07DEDEC906E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*",
"matchCriteriaId": "C59740BE-FC30-4400-B978-1DB41282971C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*",
"matchCriteriaId": "839728F0-5F23-462F-B493-C37EE4C874F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1B47DA-BA53-4D7A-9B5B-582238D5E99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*",
"matchCriteriaId": "D452F1BF-1FA5-463C-8F13-6357509FB5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*",
"matchCriteriaId": "EF6D1F4C-B396-468C-BA32-9367A68C95DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*",
"matchCriteriaId": "B76A812F-D77A-49C8-B7A5-0C08258D4BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*",
"matchCriteriaId": "6E001AAB-07EC-47BF-BDE9-BB927872781D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DF11F5-61E8-4A98-86C8-49D6B3224FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*",
"matchCriteriaId": "AED153E7-99A2-4C02-B81B-C3DDF8FAE1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D024802A-EA60-4D9B-B04C-027A0703EABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*",
"matchCriteriaId": "BA731F3C-1F04-4EE2-83EC-9486F5032903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*",
"matchCriteriaId": "544A59F6-E731-43C8-8455-69256933E71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*",
"matchCriteriaId": "624258EE-7FFF-4432-9B6D-4D60AA73CD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*",
"matchCriteriaId": "69A2701A-35A8-4268-B9CF-40BA3219373B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*",
"matchCriteriaId": "15E671F6-8DED-4735-BE97-58A60E5B5C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC68B2A-8570-4311-BB60-49DBBDAF7430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*",
"matchCriteriaId": "9826FA02-937E-4323-B9D5-8AE059ADBE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8630BB-48AA-4688-A6F0-212C1BB4D14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC98D35-D7D5-4C24-B47E-EDE2A80B2B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F8ABCB-12C3-4C45-844E-B07F77DA2DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*",
"matchCriteriaId": "326105AC-3926-437E-8AFF-916960107050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "866E1275-7541-4B80-8FDF-53246A204C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*",
"matchCriteriaId": "E190929D-D3CC-46E1-A903-0848829061DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*",
"matchCriteriaId": "81E4EBCB-B660-4F6A-AD73-81B9D8964162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*",
"matchCriteriaId": "55D58CC5-CB46-464D-93B8-6AD5A19AF097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*",
"matchCriteriaId": "16541D3E-EBBD-4D92-96D8-F169733377AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*",
"matchCriteriaId": "3F08D257-F570-4D39-A6E8-0F60E55472E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*",
"matchCriteriaId": "C20ED667-2BFB-41C7-82BA-9F0C0044DA08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
"matchCriteriaId": "6158ED8A-007E-48B7-99BF-8BA03BF584BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA7096A-F321-49A0-911A-F9683ABE6E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
"matchCriteriaId": "6A471395-7F8F-4BA5-962D-4D8F271FAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
"matchCriteriaId": "B9484380-92B9-44DB-8E20-DC8DE02D1CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
"matchCriteriaId": "8010808D-805D-4CA3-9EA2-55EB1E57964C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
"matchCriteriaId": "9716FE9F-A056-42A3-A241-F2FE37A6386A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
"matchCriteriaId": "7A96A5AF-C9EF-4DED-AE25-4540A2B02915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
"matchCriteriaId": "D5115B12-053A-4866-A833-D6EC88D8F93E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
"matchCriteriaId": "C5619D4D-9685-4595-8A5F-A18273FE4213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
"matchCriteriaId": "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3457E-7E1A-4878-9752-79382E954A66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
"matchCriteriaId": "68630C63-4457-4E12-B7BD-AD456B237FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FB5695-2950-4CEC-81B4-FD280F835330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
"matchCriteriaId": "9F340AF8-508F-449D-9AFA-4E55F069B4F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
"matchCriteriaId": "E944410E-D674-4141-B50C-9F55090325FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
"matchCriteriaId": "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*",
"matchCriteriaId": "5079AA70-C864-4AE2-809C-52B50632F2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*",
"matchCriteriaId": "5D124BCB-D8C3-49F5-B05C-E09B3CEBEBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*",
"matchCriteriaId": "6A86291B-C986-4320-BCEF-9F5AD8B309D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*",
"matchCriteriaId": "1227659F-1393-4189-978B-CC3DC53BF407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2DB843-638F-41EF-B486-409318AA2DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*",
"matchCriteriaId": "A0004D8A-A186-4DA2-A7AB-18A6456438FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*",
"matchCriteriaId": "75B6BE9F-F113-4976-951D-53F2E183A95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB005F1-9719-4985-B9D9-2140C962ADD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*",
"matchCriteriaId": "A94D0C1B-F30F-4724-915E-192C53FAE58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*",
"matchCriteriaId": "3F247860-1D2C-415C-AFBD-26BD875AAF02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*",
"matchCriteriaId": "9697EDCD-A742-4AC6-876E-1080AD684207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*",
"matchCriteriaId": "6E73924A-875B-44D0-8F7C-A822B0488126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*",
"matchCriteriaId": "03751B92-EE07-4F16-A476-BD25561810BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j:j2850:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A630E1-6CAE-4809-AB18-5002F158AE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j:j2900:*:*:*:*:*:*:*",
"matchCriteriaId": "A67750FF-EF4B-414F-8ED4-299CAF33B0DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j:j3710:*:*:*:*:*:*:*",
"matchCriteriaId": "5A82D885-82F5-4755-BC11-5899E28CEE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*",
"matchCriteriaId": "88AF1366-8A14-4741-8146-886C31D8D347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3510:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD75301-E29C-47DC-B53F-DC44EA0C1885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3520:*:*:*:*:*:*:*",
"matchCriteriaId": "8C944024-BEAA-43AF-A339-FD69C75E8240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3530:*:*:*:*:*:*:*",
"matchCriteriaId": "435C69D1-3932-4379-8D18-B1E12D558325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3540:*:*:*:*:*:*:*",
"matchCriteriaId": "3572B700-73C0-41D1-95FD-FE9D5B0C1F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3700:*:*:*:*:*:*:*",
"matchCriteriaId": "97A40DC9-0D4E-4C91-8D1B-3CED95B3952E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n3710:*:*:*:*:*:*:*",
"matchCriteriaId": "16FB3E4B-05F8-411A-8C86-4ACE03815553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n:n4200:*:*:*:*:*:*:*",
"matchCriteriaId": "8E55EBC1-6F96-47CD-9503-7855EFB07240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5502:*:*:*:*:*:*:*",
"matchCriteriaId": "4208DBA1-7F85-4876-9B6C-D1B43EAAB2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5503:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ADC8E5-1CE7-4481-A9B5-61BFC6B4FF50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5504:*:*:*:*:*:*:*",
"matchCriteriaId": "A1789924-FADB-4076-8874-120B29EE6B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5506:*:*:*:*:*:*:*",
"matchCriteriaId": "BC246667-2F6F-4024-9EAA-2CE3018235C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5507:*:*:*:*:*:*:*",
"matchCriteriaId": "B21BA7F8-D4B5-4E6B-8FCE-04BBD3501AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5520:*:*:*:*:*:*:*",
"matchCriteriaId": "1341A5D4-A5CE-4D31-A178-01C3069D7A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5530:*:*:*:*:*:*:*",
"matchCriteriaId": "86A5C199-92E5-435C-AC40-175849285104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5540:*:*:*:*:*:*:*",
"matchCriteriaId": "67589F54-0A54-4DE7-9A47-A73DD05F7965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5603:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC34C8E-1BB9-43CC-9D89-9E6DC435B7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5606:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE5163E-9BCF-4BF8-BCB9-B48C4E7E1564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5607:*:*:*:*:*:*:*",
"matchCriteriaId": "92C5DC8C-3318-440B-8B29-4827F343927B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5620:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECC47D8-F602-4CEA-B19A-209CE76C9D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5630:*:*:*:*:*:*:*",
"matchCriteriaId": "7514ADD3-DECC-4CC2-9421-A609E526FDC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5640:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED2EC97-8B2D-47A9-8EC7-D1E0ACBB6C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5645:*:*:*:*:*:*:*",
"matchCriteriaId": "691097C3-F91B-499B-BAEB-4E7E9C43B517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e5649:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3DB1ED-017B-43EF-92A3-A8A88669FBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e6510:*:*:*:*:*:*:*",
"matchCriteriaId": "19A49AAF-0F08-4151-8F74-4EF9C3415B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e6540:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7A2018-BB4D-4DC1-813D-A4AA3F270893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e7520:*:*:*:*:*:*:*",
"matchCriteriaId": "A95D91C4-C539-4458-A6C9-8AE17207AE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e7530:*:*:*:*:*:*:*",
"matchCriteriaId": "37F9D218-8198-42C7-88FE-7C5382138324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:e7540:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8FDD81-95EE-4241-93C8-925085A4CE7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:ec5509:*:*:*:*:*:*:*",
"matchCriteriaId": "614D9E35-10E0-4CCB-B817-C7C8C3947BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:ec5539:*:*:*:*:*:*:*",
"matchCriteriaId": "F75F987E-F4DB-46FF-B048-21B4A4C07B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:ec5549:*:*:*:*:*:*:*",
"matchCriteriaId": "05376F2C-30B6-406D-90F7-6C2E00E85171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l3406:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDD3DF6-24BF-4C13-8F07-AF07327E5622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l3426:*:*:*:*:*:*:*",
"matchCriteriaId": "B1520A64-2157-45D7-A135-F900798C4EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5506:*:*:*:*:*:*:*",
"matchCriteriaId": "05A30F85-5367-4369-B7A5-176D71279FC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5508:*:*:*:*:*:*:*",
"matchCriteriaId": "B8803FF9-48D7-4AB0-8A17-4590CABD0BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5518:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC63B6B-5D6D-477B-9125-007F835981B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5520:*:*:*:*:*:*:*",
"matchCriteriaId": "BF385AC9-963E-4670-95A6-BE1EBC3890B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5530:*:*:*:*:*:*:*",
"matchCriteriaId": "943FA088-2902-45A9-A1BA-D612B46A50D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5609:*:*:*:*:*:*:*",
"matchCriteriaId": "8C80902D-9A6C-47D4-B56F-35C378FC0E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5618:*:*:*:*:*:*:*",
"matchCriteriaId": "1100B46C-8485-4048-BFF8-2BAB311EC04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5630:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9E1646-E154-41BA-B9FA-0839A898023D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5638:*:*:*:*:*:*:*",
"matchCriteriaId": "03F4C8E6-0043-41A8-94EA-EEBAA1A081E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l5640:*:*:*:*:*:*:*",
"matchCriteriaId": "31C10985-CBF7-4717-A7D6-2594887D7CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l7545:*:*:*:*:*:*:*",
"matchCriteriaId": "8C49886C-B6A0-4D95-8533-329FE5A66F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:l7555:*:*:*:*:*:*:*",
"matchCriteriaId": "0788CF23-3FAF-44C9-9AAA-96E4818A1AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:lc5518:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF7001-64D1-4BFB-9280-0BA0FAD97A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:lc5528:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6E420E-16DA-4FB1-9968-C93E229614FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:w3670:*:*:*:*:*:*:*",
"matchCriteriaId": "07469E04-B3D2-41FE-A2E4-E25A977026CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:w3680:*:*:*:*:*:*:*",
"matchCriteriaId": "60FF402E-5E4F-414A-A3AB-149548303616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:w3690:*:*:*:*:*:*:*",
"matchCriteriaId": "79E2B875-A270-45C0-A1B1-041264E5B290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:w5580:*:*:*:*:*:*:*",
"matchCriteriaId": "8C828C8C-7ECB-4167-87A9-0F522C400C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:w5590:*:*:*:*:*:*:*",
"matchCriteriaId": "0C2C887F-1EF7-468A-A6AE-440793C78DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3430:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F3D7F-D884-4ACD-A103-060F57A9867B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3440:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1FCAAD-7072-45EC-9ACB-08556458BAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3450:*:*:*:*:*:*:*",
"matchCriteriaId": "C4446224-40E8-4AD0-8197-921D3473E19B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3460:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA159D9-8C7F-4BE5-9093-A21C7D00F7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3470:*:*:*:*:*:*:*",
"matchCriteriaId": "B92B68FD-771A-4401-8B1D-B1A252356F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x3480:*:*:*:*:*:*:*",
"matchCriteriaId": "1B933941-0BE3-4EEB-8FDD-2DAA63343EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5550:*:*:*:*:*:*:*",
"matchCriteriaId": "8D060EF0-B29C-4B54-86A0-FD5CFF7B80BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5560:*:*:*:*:*:*:*",
"matchCriteriaId": "36F737C1-6011-42D2-9690-CA81EA0A283C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5570:*:*:*:*:*:*:*",
"matchCriteriaId": "19CA7EB6-D1C9-48D9-A69A-2618800A6CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5647:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA1F3E5-ED7F-4E4C-AD0D-0EEC542A9E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5650:*:*:*:*:*:*:*",
"matchCriteriaId": "ED6E3C9B-A661-4B37-B76D-A3F7BD638D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5660:*:*:*:*:*:*:*",
"matchCriteriaId": "56C909B0-8FB2-4220-AF93-EECB8D650CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5667:*:*:*:*:*:*:*",
"matchCriteriaId": "FF36BAD0-A762-4F84-BE0B-060FE666ED67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5670:*:*:*:*:*:*:*",
"matchCriteriaId": "007337CD-94FB-4ED9-B4A3-9E0EC52D79B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5672:*:*:*:*:*:*:*",
"matchCriteriaId": "BCDFA137-F1FC-46BD-9872-D62671B1434D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5675:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6DBCB3-E912-43A1-914B-5C7CCFAADE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5677:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCF36E2-0B42-4F23-97D6-9E79ECCA8FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5680:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C67312-E128-4833-A91E-D7A9F96A7AD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5687:*:*:*:*:*:*:*",
"matchCriteriaId": "3F19F408-FABD-4A68-8CDC-C763F0321FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x5690:*:*:*:*:*:*:*",
"matchCriteriaId": "68A06EC2-E491-4CD5-9904-61A88EBB7FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x6550:*:*:*:*:*:*:*",
"matchCriteriaId": "789A8CAE-8D9E-4244-880D-FBE28EC53AED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x7542:*:*:*:*:*:*:*",
"matchCriteriaId": "F901EE11-D0C9-46F6-8316-D8F4F1D50260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x7550:*:*:*:*:*:*:*",
"matchCriteriaId": "E549F600-B9CE-4843-A772-2DACC528903E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon:x7560:*:*:*:*:*:*:*",
"matchCriteriaId": "3F28E733-87ED-4610-A8EE-BD37BED7685B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB488DD-D97C-4E21-A055-E6CECBBBC34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC12C97-9966-40E2-8B23-B4453EC9EA6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2832E8BF-7AC7-444C-B297-66F770860571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "44AA72FB-E78D-419E-AA82-B0538C6504D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "687C3BF3-D71A-49AD-8A05-EAC07CBCD949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "90AF90D9-16C4-4F8A-9868-3E2823E3445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C063C53-8970-45B1-85F8-FB2080BF4695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "64596ED7-794A-4D23-987B-D9AD59D48EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "A561A8E8-79E2-4071-B57D-590C22EF86A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "92E46658-60AB-4758-9236-3AC0E6464383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "207B8FBA-E2FF-485A-9AD9-E604AE0FB903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "33F99640-C753-40BE-A0A1-4C2D92E7DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1EC6D3-01CD-4CAB-817D-AE2E72FD0D03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1125c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98247B-1839-4676-855B-827A4B6C016B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDBA35BD-1048-4B6E-96B2-1CFF615EB49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CEEEE2-D6A2-4342-8A73-934093948824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979FEE9F-A957-43B6-BB6D-1A851D6FA11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7AF59D-D05E-47F9-B493-B5CD6781FDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF7EC93-0170-45A9-86C7-5460320B2AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F803AC-DCC7-43FC-BEB3-AA7984E0506C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "560993AA-299D-42B7-B77F-1BD0D2114CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C582B1C-1DAC-48FD-82DD-7334C10A2175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7862B0C-2C44-4110-A62A-083116129612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "048C5996-F719-4338-B148-0DD1C13E02FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0196DA2F-CFA7-44D0-BDF5-37C7403E3B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9FF7FB-AB5A-4549-8C15-E69458C649E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEF6608-B650-4C77-9823-0AD57B3484F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE6A2D7-901C-45F9-B487-D674047D522E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFCAC5E-6CF1-4EC1-A24C-688DD1016A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADCB509-5B0E-4592-8B23-EC25A3F79D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB51691F-089F-4016-B25E-238074B06C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7E1AFD-9BCE-4487-A8DE-F9C60529CA7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA37503-FD3D-4220-933C-234631D6EDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72992831-2A76-456B-A80C-944BDD8591E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79C2131-5566-4CC2-B6ED-38E3F6964500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60BFDAA6-3DFC-4908-BC33-B05BAB462F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6266056-770A-4E2D-A4FC-F1475257648E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929AA8F3-8BDF-4614-9806-6D4231735616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605D7552-8184-4B11-96FD-FE501A6C97DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3144BBDE-CC96-4408-AA02-ECC3BF902A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8BA77A-34E3-4B9E-822A-7B7A90D35790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7165B43-ED22-4714-8FA4-1E201D1BFA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CFB133-FAF0-431A-9765-8A9738D6D87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2975B0F2-DB7C-4257-985A-482ED2725883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70221E07-3C2E-4A82-8259-AD583EB5CDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "427DFD78-56CD-43C4-948E-F53AF9D669F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75AD7649-3FEA-4971-9886-6C9312B937A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4EE972C-6BAE-4342-BA01-1D685487F9C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CDFE3B-C064-49A9-BD43-3F7612257A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD0EEC1-D695-41A5-8CD6-9E987A547CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF25B8-D474-4C6B-8E45-F57DDC7074E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF18FD1-6670-4C3C-8000-A079C69D575E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D760EEAF-5CF5-4F25-8FA2-D4F75F4F5A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "921EB5A5-F911-4FCE-A6F1-C66818B34678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13878C13-1C7C-4B83-AF27-4998E8F659DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "023063E1-2DD7-487C-A8A7-939FAEE666A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77255CE6-D7B7-4B48-993C-7100A1170BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40AC368-3A14-4EFF-A8D0-7EFB4C83045D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C07E80D5-70A5-49C9-9044-D683C7ECCFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63668AF4-F29C-4424-8EC5-2F0A5950DD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E86616FE-0C3F-4984-A364-8A6A9F01DAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C1C7CD-538D-4D7A-A81C-10DF5376A479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5922F749-2B23-44B8-8A46-F31BCAEAD279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D75D0EEB-707C-4C86-A569-E91E9F00BA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FB0E20-0243-40A1-8DEF-37150791222E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CFF26D-8AD3-4179-9E4C-F06D7C858C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7541572C-229F-4963-B7F0-06EB3323E53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DE669C-27FD-4196-8B8C-1DA4EE4C1D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479F7C77-D16F-4E40-9026-3EB8422E0401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A242AC2-9AA6-43FD-90F4-5BF6E80DBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04DB08C8-0018-4A8E-A206-097BDDF83B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7193E85-30BE-42D5-A26B-3F88817F3574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "446E8515-45FC-4B8B-8D12-60643D64C07F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBBDF6B2-D388-4639-87D8-064AA3F6B6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB8B6-B614-4EAA-BA90-C5326CB5D07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A371DF9-E224-404F-99C2-C2A4607E62D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F40E356-365D-44B7-8C38-A0C89DDD6D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3132029-89F8-4359-A0DC-A275785266A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02F5685-0636-48AB-B222-434CA1F3B336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E51FDD60-88E5-4A86-BB8E-4C2D7EDEFA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED4693C-DECF-4434-90C0-56158F102E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB408A6B-0842-43DA-9180-B0A299FCBCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6215EBAC-7C75-4647-9970-482120897F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1FD6E8-80EC-461F-9ED1-CE5912399E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E96F585E-BDEF-45EE-B0AB-94FE23753AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "3279C067-3058-4D46-A739-05404FD0E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4DF0A7-8BC2-48AE-9036-FED6EEC57DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0855225-F501-486A-BD03-2A86FD252B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "214C7B0C-C438-4000-9F9B-6D83294243AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C91AA2E-4BB2-49C8-9364-4E363DF42CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA26781F-5A1C-4DA5-835E-D984D697F22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*",
"matchCriteriaId": "2EEA4222-F25D-4457-80AA-6D05CA918D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3E60D1-5CF9-4F96-9EDB-D87F8CF57272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D321BC-6B1D-4C71-8E16-5A1319CEFD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "6777AC35-9D1F-4153-94AC-B25627D730E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F063F4-8994-4E46-BA7B-A12A112009BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6F2DE5-AF11-439A-8D37-30CB882ECD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "E213DD86-5419-42C8-BF38-7795DDB3C582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A972291E-5231-439D-873B-2F87BCAF800A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C089CC54-3229-43D7-AA15-73CFA1A43EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*",
"matchCriteriaId": "EF268D83-C15D-4559-A46F-844E1D9264F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE97C0D-3EA1-4314-A74A-7845C7778FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "34293F29-F327-4ADD-BF62-78F63F79BB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*",
"matchCriteriaId": "528C0A46-1CC4-4882-985A-0BB41525BC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "643F3522-A452-4927-944D-532574EC4243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "58F40B78-4DBA-44EE-8420-086789EFF53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "423BFD8F-4B50-43DA-9979-75FD18FBC953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAD4A68-0481-476F-BBBD-3D515331368C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "838CEB7C-7C4C-416C-86CE-6E8DD47EF25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D021F-3C97-45B3-B1F7-0AC26959F22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A31AEF3-448D-417B-9589-4BA0A06F2FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1D96F-7FFD-413F-ABCE-4530C3D63040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB2B08B-D3C7-4B82-B170-471D6CDEFAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8343FE-1320-40AE-A37F-70EF1A4AC4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD42BA5A-7DA0-409D-8685-E43CF9B61D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5FF80E9-CF28-4EF6-9CFE-4B500A434674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "7896A6C6-5918-4C27-85AF-6FEEFC7F8FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "647B77A4-2F49-4989-AF43-961D69037370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "805B1E33-F279-4303-9DF3-C81039A40C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "B971EA9E-AE5C-4A1D-AD55-8241F7B38C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7E0AAE-6539-4024-9055-BE0BAD702143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1A8828-0765-4799-AD6C-143F45FAAD23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D34618-1CCA-405B-A49C-EB384A09C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "575D6061-66BC-4862-BC84-ECD82D436E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "56B6EE64-1AD4-46B2-BA65-BB6282E56EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "11650B45-0BDA-42BF-AEF3-83B48DD6A71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3C92BA-827B-48AF-BBB3-FB60A9053C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC097E24-F6C9-40D9-95E9-7EFDFA61AFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB44CA7-DFE6-4B1A-9A63-97AE30017E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4B305EFA-6226-412C-90EE-F0691F2DDDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3874FA-63CB-4B5D-8B64-CE920320A4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "0800ED17-50E4-43F3-B46C-591DFA818BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*",
"matchCriteriaId": "A46B0405-F301-4209-8766-6E12EAFAD157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "F99F9F1F-A967-4884-96CF-4488102DC0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9B37AD-4599-425B-B39F-E571F4975266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A5F1CF-A1E6-45F1-8B09-36566778DB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "698C8A49-888B-4675-B3B0-25EDE2FD515E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "70D98F97-8EF4-48B5-84BE-C3CC27031FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*",
"matchCriteriaId": "B473D1FA-909B-492E-9C5B-94B0E20E1C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5EA7E-322E-4CE6-89D4-7DB1055C9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "67836379-4E1A-45CD-9506-7D3F612E47C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1BBC61-8664-4452-93A7-DDB4D2E4C802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F1B50C-FC5F-47F4-87BC-60E1BD3DD1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "044F0375-DF2F-4D9B-AD7E-473D34165E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEE9B72-5C4C-40C0-A8A7-9DF11655DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0655CA-A88C-4632-9A18-560E3F63B2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1454DD-DA51-4CBC-8BB2-09D5AB5777DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6965851-3B29-4C21-9556-97FD731EAA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*",
"matchCriteriaId": "52984FD2-44E0-4E91-B290-0376737EEF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5D92E2-E718-4247-BA5D-DFE86C0F6AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF933366-7503-4F8D-B7AA-F6A16210EC37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2DAF5D-5BB7-49C6-8426-8B547505B6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EABB21D-D021-434B-B147-CAF687097A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*",
"matchCriteriaId": "7609424D-95F1-4493-A20C-B1BA4EC6439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "966DC636-C802-4D9F-8162-652AFB931203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A75794EB-A5AF-43F0-985F-D9E36F04C6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "31C2CFF0-98FD-4A0D-8949-D554B2FE53D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*",
"matchCriteriaId": "05F9217F-5028-4659-AA8E-F60548DE4D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC769DC-CF2E-4A3C-A610-264F024E6279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2B1CBF-D155-49BC-81A4-4172F177A5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "370B2B32-519E-4373-8A04-5C5025D688BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "83D9B562-C279-4A55-A347-F28FC4F9CD12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8C2BA0-48A8-4107-8681-A7C34C553D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B009DE-A82F-4569-9B42-EC1EC4DA8A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "683B6E83-37FF-4F9B-915F-059EBB29DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E218718F-4BE6-48B0-A204-9DD4A932A654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0AB327-B60A-473C-9D36-97766EE62D7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA249EE-4786-4E27-8787-5E8B88C2AEB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD0529-1CF3-44E5-85B3-19A3323C9493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D664EE97-07EC-410F-94C3-AEAB2C6A627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D31DB981-03B1-4A84-8D87-CD407C3C149F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CBD155D-89D9-4677-A621-4D7613BE65C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D02BD0D4-FFFD-4355-97D8-170362F10B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6635781A-2651-4EF2-A5AC-AEEEE63FDE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCE6930-760A-48C0-B964-1E3ED6A8517C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E52DE90-DF96-4CE7-B8D1-226BA50E4D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EB40E7-9B91-4106-B303-2B70AF395BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB0D5CD-8AF3-409D-96A7-718641D4B90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E420B0B-0CD5-41C7-B25A-3DB856055F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B0C295B-0D63-4BE7-830D-D927E00C301C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605C340D-2220-4669-B827-9009CB099E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8791879D-2908-4F57-8DB3-6D24100A9108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBEDBBA-0427-4DE0-BA8D-737DE7DF80E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E823DC5B-98BE-4656-BFBF-3A7018F8F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E8D558-ADE0-4358-9C76-7BD77BF23AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7973B3D0-F244-4E26-88F5-A2D9BF2E4503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68E6BAB9-CBA4-4362-BC82-00D2C5CC6FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD3F4BFF-3CBE-4E4B-8B29-B203F99CFD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5CB567-4F86-4466-BE4D-BFF557ACAE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A52611B-6583-4660-90D7-C9472728072B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E80C6E89-B57C-47BB-8B95-50C03DFB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9AB685B-FEE1-41EF-A046-1B34619E12A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9F6724-967A-4AF0-9896-12BF6164B2CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1116BF-12D7-47CC-98DB-18B200CF9C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBB28DE-726B-4AF0-88A5-35987E1E648B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA1DB22-8FBF-4CF6-AA96-5B68EE28877D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1880E2B8-5E0E-4603-8D17-3ABA43D28179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FAFBB92-1917-4238-832B-195FBE418271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91DFDF3F-9A3F-42B8-99A1-A3F76B198358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8778F972-BF34-482F-9FA7-71A77F6138E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F288BB0-FE7A-4900-B227-BE80E4F4AADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8DC53A-90C6-47FE-89F1-A1FE8B1C07A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E16338-A094-4CA9-B77F-6FE42D3B422C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E07AB33-5351-487D-9602-495489C7C0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22115ED6-1707-4840-B0D1-AD36BC0C75A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C633BC-831F-4CB7-9D62-16693444B216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF5EE7E-F41B-44EC-9F69-7963B1BF1FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD501E1-E78F-44C6-8A13-C29337B07EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9085BA0B-B7E2-4908-90C0-B4183891C718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2267CB8-0EE9-4DBD-AD5F-8A13BB62673C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81971C2F-137A-4F11-8C93-3B99D4CD1B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98E0BDAC-398E-406B-B2DB-AE049D6E98B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB66D7E-B465-4A8B-8CBD-7E93CCA2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86AFDE6C-DE58-4C4D-882E-474EF6C3D934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "950C6BF9-AA47-4287-AC01-D183237490FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2355181D-D8EE-4F80-8280-13D5CBCF4779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5209343F-66B0-4DC0-9111-E2E64CFF7409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "720109A6-B79E-48E1-9AE7-7708B154788E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82FF0DBD-AE13-4232-80F7-F4C2E2CC9721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E944ED-8C02-46B8-BF95-0CE4C352753B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77AEA3D1-4846-46E2-9B80-20B19F00DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1576978F-E93D-4A47-90B6-6A4E3A7DE558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D339FE5-001F-4005-88A5-CFFE37F9B63E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDABA86-497E-497E-A5BA-46F913A4840A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD886F4C-DB6F-4DDD-9807-8BCBB625C226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E16912A-7F6A-4A2B-B70F-D1FCD34BC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C454B7-E5F4-4AAE-B577-FD71FA002C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38BE2781-3A06-4D62-AC8B-68B721DA526B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AE4EA5-B8C8-4AE2-9614-F9DBDB4D79DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA23772-2EB8-4BEE-8703-26D967EC4503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72DC766A-B1F9-4B83-9F9B-CF603EE476BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA594740-43C5-4F42-BA5B-00CA8AE7BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572B16E2-8118-43A0-9A80-5D96831D55FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB5C551-BADC-4A3A-93E5-2EBCA0704C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5383B7A3-1569-4FEB-B299-B87CE8C8A87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05BBDE0-6C47-4489-9455-7DA7D230ECA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1789AA69-EA31-44D1-82E6-228E48E18586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A7D5FF-3B1F-4C64-BB81-7A349765520D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93A92E9-C8D2-4F6E-A5CA-E8AFFEEC7E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0498B3-393A-4C32-B338-E6014B956755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C451F752-6869-4AFA-BAE5-5C9A54427BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83710FD1-099B-436D-9640-061D515E10BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "517B71CE-6156-40E1-B068-A2B733E205E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DEEEE5-5055-4CE1-962C-C5F075F4CC02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8718DDAB-3208-48CF-9BCE-54DA1257C16A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1AA901-E822-4240-9D82-C9311E4F87B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDE3DF-8E79-4997-94EB-B517FFCAE55C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A0DE13-EB0B-493B-BC84-3AEB3D454776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1727697B-1F59-4E29-B036-C32E9076C523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E69E827C-C0D0-46C7-913A-1C1E02CEAACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2528F3F9-34DC-41DA-8926-382CB3EF5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E452C262-5A8D-4D97-BC7F-A4F5FF53A659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57BF69-D750-4278-98AA-976B0D28E347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ADAE30-6CAD-4F5B-B6F7-C18953144C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A25D792-E21D-43EE-8B9D-67DE066DE5DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C669783-C058-4B4F-BB9A-84B2C4682247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "159B088B-9A85-4CAA-854A-AA080E528F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE74A94-FE8F-4749-A35A-AB7D57E24913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990AC341-0E67-4A81-87E9-EE3EFD9E847E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53BC18B0-58F1-4477-9978-CA7383C197FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "474992FB-842D-4661-A565-44AF2CD78693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "476E1B79-5342-4895-96D7-E97DFC1F5334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD318D5-89A6-4E28-939C-C5B61396806B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "981AD3FF-1D14-4ECD-8B6F-BCEB7F2409AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C7E89-32ED-4328-9313-FA7D3DDBDC58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2792EED8-2CBD-478E-BC09-05FE830B3147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B1AF2F-6E48-4DBD-A60E-3088CA4C3771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*",
"matchCriteriaId": "34E1691D-65B3-45E4-A544-8B29E38D569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*",
"matchCriteriaId": "E42F2703-B8AB-410E-AF7B-CD0BE777F061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*",
"matchCriteriaId": "31244C94-00A3-499C-A91A-1BEF2FB0E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*",
"matchCriteriaId": "878FF6E8-8A6D-44CE-9DD1-2C912AB8A193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "5078A95B-2BD8-4A37-A356-F53D1A53CB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFE67CD-DE53-4C4E-8245-35902AEFA6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*",
"matchCriteriaId": "9F231D31-3AAD-4C5D-A225-D2DF94486718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "5998DF5D-E785-45EC-B8D0-1F4EC4F96D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "EADFD013-0BFB-427C-98E6-F9E4774DCBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "58620B10-FEA6-456D-B6B5-2745F5DBE82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F698B1-D9CF-4FE5-933D-EFCEA3056E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4858A1F0-97F2-4258-AB98-027BF1EC5117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C961A8B-EAFD-4F66-9432-BCC0D154ECCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "052DE6CD-A1E7-4E81-B476-66EF451061C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1AE1E-6FC0-41D8-857C-C5A99CAF5823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "751B3AC8-D45E-46B6-83D5-311B693F3C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "9588277A-0B97-4408-9CF7-11271CDAADD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "479FE854-85E5-4ED0-BFAF-2618C9053082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*",
"matchCriteriaId": "E048B9BF-77C8-49F7-9F2D-9999F79BA264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD16D4D-E816-486D-96F4-5A2BF75B959F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "169C558E-1A83-47D5-A66B-035BD1DD56FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D683E509-3FB2-4175-BCAB-4EB1B5C04958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCFA915-5445-4732-9F8F-D7561BA4177F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "63A9FD98-C22D-48F6-87A1-60791C818A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "85F99F24-1783-4E6E-BE61-04C2E80356ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "74CC7EB9-3F59-4C0A-B3A1-984BCCFB25BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*",
"matchCriteriaId": "85289E4C-C813-4677-867D-EE8E98F4A1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "27C8150F-BEFA-406D-9F0D-E7CB187E26AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*",
"matchCriteriaId": "1E807F90-819F-4103-B1F7-4CE46971BD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD93203F-71B9-4F87-B5D8-FD273451C8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E652C74-C48D-4F29-9E85-09325632443F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "99158191-3013-4182-8A53-5DFCA1E2C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E39A3E-7EAE-47C9-930B-58A980B73FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDA54BA-C00D-4890-9B7F-328257607B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5EFB1E-334C-4B55-8E2E-6AE19B34774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8260DCA-2F0C-45F7-B35F-D489AF5639F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "7778F81B-6D05-4666-B1D4-53DB0EC16858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC6706A-61F7-4AA0-B2FF-0FFDF739A644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF1B16B-02F2-4ECA-938E-B5CDCFC67816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5501D8-1B0D-4F5A-AFD7-C63181D3281F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1751F0CE-A0D3-40E2-8EEC-D31141FE33A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF9AFA7-BBE8-4229-94CB-5A9596728BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*",
"matchCriteriaId": "E23A777F-68A4-4217-A75A-4D8A27E6451A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA27DFB-CDD1-4F52-86B3-DB2320A9C7B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "392A4337-11F6-4980-A138-4FDBCAD0EBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E9BB67-F1FF-4190-889F-78B965CCE934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4185A70-5D10-448E-A9AB-AA9D5CDF0FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "35607317-0928-4297-A33E-D44BEE1BBEC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "D48323B1-7FEB-451F-A064-23E7CE7F6403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "29EF4E8A-EF37-4DCC-B5D4-DA89AF31DD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5763189-7980-4A72-92C9-1908FE9E15EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C53ACD49-DA21-4DDE-A0AA-FCCD59D29886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4326D350-EBC2-48E6-A2C6-0499F6826CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "8594E6FE-B6DB-4343-B3DD-AEC19923DAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BCADA00-E453-414D-9933-FCB43D21BBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62212D9-F707-4A8E-AB2A-A3985E7A4049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "561755A8-8AAD-4F41-8266-747EFDAF2D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F4BB0F-DAF4-479B-B78A-7929C151AA1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*",
"matchCriteriaId": "A207312E-1D35-4464-A111-22C4C793E146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B16E32-07D5-445B-BAA5-4E4A0881BFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF08F6B-2ECB-414C-82D7-C06085BF8B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*",
"matchCriteriaId": "21032BE3-74D8-4C3F-B461-158F475B6853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9AC992-59B7-44EE-9FF3-567AC48938AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5118:*:*:*:*:*:*:*",
"matchCriteriaId": "B44B3BFF-649A-4C1E-9564-EFA007FA2BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5119t:*:*:*:*:*:*:*",
"matchCriteriaId": "C04EDD71-15B3-4085-828C-BB7A43DBDCC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5120:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1BA7AC-989B-4093-841A-C6D5978BF17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5120t:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F848-B15B-4369-A164-5FA11D2B9AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:5122:*:*:*:*:*:*:*",
"matchCriteriaId": "9E46F934-9765-43ED-88A7-A4778C99A976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6126:*:*:*:*:*:*:*",
"matchCriteriaId": "380A8F4F-7D1F-4F79-B555-E5AE18EF9F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6126f:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D5217E-9520-4FDB-9330-C8DC2CDDAA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6126t:*:*:*:*:*:*:*",
"matchCriteriaId": "B206674F-1A34-470B-820C-05F9C37792CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6128:*:*:*:*:*:*:*",
"matchCriteriaId": "63AE2051-9F8E-4477-8E1E-38A1E06AD247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6130:*:*:*:*:*:*:*",
"matchCriteriaId": "6B39281F-990C-4AA3-9287-CCB5BA7E8AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6130f:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDC0FCF-BD22-42AD-8044-9A64215B91CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6130t:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0ED8AA-56D8-4CB6-A765-706BE87C9E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6132:*:*:*:*:*:*:*",
"matchCriteriaId": "AA890C07-7940-4DF4-96FB-8F71A2EFE5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6134:*:*:*:*:*:*:*",
"matchCriteriaId": "E95A34F0-0B74-4031-BC9E-CBC93665BE68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6134m:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD3CF38-0DDD-4C1C-B420-4DE0B1C932CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6136:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB22DF7-15CE-4340-A05F-BD39FCA41F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6138:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA72DC8-2E4E-453A-A3FB-20F31D32B973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6138f:*:*:*:*:*:*:*",
"matchCriteriaId": "758E45B6-7C7A-432D-891D-CB99077AE3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6138t:*:*:*:*:*:*:*",
"matchCriteriaId": "06B3CDFF-B055-4BB4-98FB-DFF4B2E63A29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6140:*:*:*:*:*:*:*",
"matchCriteriaId": "26D7A401-BCE1-4673-93C9-67F009B75A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6140m:*:*:*:*:*:*:*",
"matchCriteriaId": "6E62119B-2A65-4473-B570-F118614B0ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6142:*:*:*:*:*:*:*",
"matchCriteriaId": "5E5319E0-909C-4688-AAA6-6A0B5D19FFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6142f:*:*:*:*:*:*:*",
"matchCriteriaId": "8F83F9F9-D2DB-4D40-AD61-29E66B050B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6142m:*:*:*:*:*:*:*",
"matchCriteriaId": "91BE6238-312E-4CF7-9E74-48CB5603B0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6144:*:*:*:*:*:*:*",
"matchCriteriaId": "AC09EB6D-7FAC-4B61-83A5-B0DC18D54EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6146:*:*:*:*:*:*:*",
"matchCriteriaId": "33BA1BE0-0A78-4E94-A619-35735C913180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6148:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDD838C-8037-49E1-BAB4-C1D7D29BB9D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6148f:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA40FE-80C5-4A20-8219-CEF51F3162FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6150:*:*:*:*:*:*:*",
"matchCriteriaId": "B10305C5-0C2C-48B7-A0AD-2B24AD722EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6152:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8F127-6EAE-4302-BD52-7C3FCCA307D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold:6154:*:*:*:*:*:*:*",
"matchCriteriaId": "8D675EA9-33E7-45ED-B6A9-7117AD2FEE26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7210:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E468FE-73BE-4B20-B774-58EC7CD20CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7210f:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF6B19B-7D45-44B3-8524-407253B93EEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7230:*:*:*:*:*:*:*",
"matchCriteriaId": "2B803FAD-E54D-49FE-A078-029B8FFBBB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7230f:*:*:*:*:*:*:*",
"matchCriteriaId": "CC511505-ED67-45B4-B76C-56AB750C4408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7235:*:*:*:*:*:*:*",
"matchCriteriaId": "A430C232-79EB-4264-AE24-41D4A2A5D990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7250:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9E3D4B-A3DF-4858-8C64-0316B6E57435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7250f:*:*:*:*:*:*:*",
"matchCriteriaId": "19108672-E1AA-41CC-B86C-061D3721C8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7285:*:*:*:*:*:*:*",
"matchCriteriaId": "200D36CF-AEDE-4183-8C54-748E6E5A3218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7290:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF13A44-5163-4282-8EE8-7DC05499B5E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7290f:*:*:*:*:*:*:*",
"matchCriteriaId": "827C12CE-D87D-489D-ABA7-BE0405EC33D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_phi:7295:*:*:*:*:*:*:*",
"matchCriteriaId": "16AA78F7-520B-4FFC-838C-DC74FEE8E13F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB2949C-4699-49EF-83EB-31199E0CE2DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*",
"matchCriteriaId": "66C169DC-EEFE-4DE6-A3D0-65B606527240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*",
"matchCriteriaId": "FD28227A-8888-43B2-BC41-8D54B49DA58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*",
"matchCriteriaId": "7984BAEA-4518-4E17-830E-B34D09648BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2214E5-491E-448F-A4B6-A497FB44D722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE93013-C262-46A5-8E77-D647881EE632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*",
"matchCriteriaId": "85B53CEC-943F-4966-8EC1-CB2C6AD6A15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAC04A3-EBE3-406B-B784-A3547162ECE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*",
"matchCriteriaId": "15720FFE-B2A4-4347-BCD7-DFA6774C0B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*",
"matchCriteriaId": "50F46B0E-C746-44B4-B343-E3DCAB4B98DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE30903-4F75-4D71-A8BB-44D1099E9837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*",
"matchCriteriaId": "98311EAA-26C8-4092-8BE5-4E7BEAA68DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8CF348-811C-4342-ACB9-AFCABCC34331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*",
"matchCriteriaId": "71998EC5-EC0F-496C-B658-3CD91D824944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F19B2A-E7A1-4B97-AC40-02B0D3673555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6387C9-C0A8-4B26-BC62-802775CD0AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEB0164-77C2-4EC2-92FD-5FCE246119CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB20210-337C-4220-8CA1-F4B2BC54EBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*",
"matchCriteriaId": "F699569F-4F52-4CC0-90D9-CC4CBC32428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAED22B-D097-49C4-ADDF-4B3F3E1262D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF5C3C2-EE69-4DE7-A76C-C797192EE7A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*",
"matchCriteriaId": "7756B588-5A63-4508-8BDD-92DB8CB0F4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*",
"matchCriteriaId": "316E26AE-67A5-4E75-8F9B-ECF4A03AED51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:local_service_management_system:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "668E2252-2290-41B5-95AB-95FB6092FF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:local_service_management_system:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A6A2-3AE0-46A5-A953-1ADC280C16E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:local_service_management_system:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7511381A-142F-4EC4-9399-86BA8218A6AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "521AB96C-3C60-44E1-935E-C6037343A3DC",
"versionEndExcluding": "1.1.7-6941-1",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C997777-BE79-4F77-90D7-E1A71D474D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:virtual_machine_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F53AB67-1CFA-467B-B2B1-D2447886FECE",
"versionEndExcluding": "6.2-23739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB76C76-94F1-4109-9BA0-2390112816B3",
"versionEndExcluding": "6.2.2-24922",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0C5120-B961-440F-B454-584BC54B549C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCBDFF9-AF42-4681-879B-CF789EBAD130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:vs360hd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC24F8-1B82-40EC-856A-2EA1736FFE5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:synology:vs360hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E2100A-F6C2-4B86-A4D0-08D998BEC86B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "3C04C1B2-B0C7-402D-B79E-B0157E011B28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E6334AF0-79FD-444D-BD41-DC8BF90A4109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "41E76620-EC14-4D2B-828F-53F26DEA5DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED7DD-A7D2-4A71-8415-26103530AB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*",
"matchCriteriaId": "CE80FF2C-0075-4F00-938F-C2C267E950D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CEF98D6C-3C80-4A42-B14B-22D69BC1F4C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "50E90625-DEB3-49D3-89B6-E9EEFFABD975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "6E24E90D-6E89-439A-8418-440910C3F07C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "33AFC27C-16AF-4742-9891-2240A73C6602",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-r7_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93C10475-AE35-4134-BB87-45544A62C942",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-r7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "044039A3-2AC7-4685-B671-C9B9FFD4ED6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-r8_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477B6938-2314-487E-BB35-354B335AC642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-r8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2F2C6D-3F41-4C42-81E2-01A52AD035B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a8_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D44EBD85-6140-41CD-8D26-29554CD2FBA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87BC54A8-6CF9-453F-9008-72CBA8C62BC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17DD7CB1-76E8-41C3-86B8-E43ECBB5E6CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4437E468-F93D-4CE3-A156-06F631030A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03311F2A-30E6-474E-824A-281ED3DE86AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B4D5CE-8DC1-4300-BCF0-71CFB4331B71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23EADA1F-73E8-4E70-AF90-CE8D26552687",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FDE279-49C3-452A-B9B0-36199C221F95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a17_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D591F3BE-13BB-4006-BE46-E975779DE5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a17:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D90DFDC-0B90-4431-9A23-194A5BC651F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68D895EC-B0A9-4292-AC64-60673F72C765",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B00CD88D-5649-403F-A55A-BD49427D30FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38768B2B-F1A3-4A76-8716-9520CA075F3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7173A6DC-4D4E-424C-A922-C16D67627834",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B1374D-59E8-4FE5-AC6C-0323AB1DD60D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A891447-2F1D-48B4-AA47-3CB7EA4FDC7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1DF922-1F46-41A6-A367-E56DD8C4163D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CC4E5E-2794-4893-9B45-E14A3F4CF159",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4FCA77-71D3-495E-BA2A-2953369E5DCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pepperl-fuchs:visunet_rm_shell:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F926EFFA-6C44-4D99-B1EB-C9EAB63B6768",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:pepperl-fuchs:btc12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1F44360-2B5D-4154-9D58-8ACEEF99DF15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:pepperl-fuchs:btc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1574ACD1-F5EC-47C9-97C5-A456E2C1D7F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:pepperl-fuchs:btc14_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD89499-E4BE-4ACD-878C-06EB2BD59FC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:pepperl-fuchs:btc14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9111BA3B-6A12-4974-9B94-548F6968BB8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAE5EC4-9BB6-42EB-9B20-9CC3FADB1C8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74B2ACC-6043-40F3-AAEC-BAEC804C7C65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc12_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE50478-AEA1-4DE3-9032-289DC6955634",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc12_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDAE7D8-7902-46C6-AE2B-8AA76E84417F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc15_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D8E919-CFBD-466A-A519-9B509A4E3663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc15_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA09162-3331-49F6-A183-DDBE51C7F0FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc17_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB43A6C2-20DD-437D-AE6C-00A20C760CFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc17_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F230367-F012-459C-AA19-38B2856C12A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C44C9C-BA5D-42DD-968C-7D75795A1ABC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51A0C40-1A6E-4955-A498-F94EBDCCE0A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_2001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91424832-CC0F-454D-A77B-3D438D17CAB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_2001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9544FE3-45A5-4803-A682-305C7BE488E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2498F2D-5A4B-4893-84E3-1144C6A16F01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE01550-016B-4BBA-9E56-FC18F0D52C82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_3001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B39DD6E-EB5B-46AE-9F7E-C3AB8744DC33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_3001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA86326-3959-40AE-8984-F01B6C49C846",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc15_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34215265-15D4-4662-9D8A-20E8F48560BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc15_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE66F952-2BDD-4700-AA3B-6CEF7EFBA4F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc17_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6EF7D36-9416-4634-AC9F-4115560E450F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc17_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4D7BA0-3715-4E91-A63F-AEA251BA35F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F9519E-5640-45EF-8D4D-65E81797B967",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5A7C1F-3F46-4374-9F62-DC7B28020D86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_bpc_7001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "236A1006-7E56-4D2A-A9AF-C11E98EFBA56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_bpc_7001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED51E38-43DC-4214-8011-A223D6C03486",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9901BBE2-F9C3-4F5E-82FF-9C84691BF148",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E67487D-73DA-4105-B4F8-41A1D54640DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc15_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "772FFDA5-B054-4F97-A399-9A8E4B4830FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc15_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2DB741-F0D0-4607-A40B-4A9BB97231BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_ppc17_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B647A88-B245-4796-BE42-EEE78D06F500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_ppc17_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3622D879-BA40-48B1-89D5-608AA99333A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_rackmount_2u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "624F92AA-903D-4ADC-83BE-35B4EAE7F740",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_rackmount_2u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783D5428-AC98-4C58-AD6F-0D518B695529",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl_rackmount_4u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69097B1F-C3EC-42FA-8C69-32D9DC430611",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl_rackmount_4u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F1000E-ECF5-4952-BE18-53DEB7BA8135",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_bpc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12165D80-E3BA-4254-A3C0-F9785ECEE6A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_bpc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8631B12E-CE9A-41D2-BE3E-1C2FAF513468",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_ppc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2378F6D3-FF9D-45AD-932C-9ED4B3FE8CFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_ppc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9E21E1-C9C6-4790-9C8F-153A0AA2120C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_bpc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F999652C-BCCA-4EFC-B859-4D6D995267D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_bpc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4BAB42-0A0A-480D-9DF2-7E99E45A12E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_ppc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86F3E671-D5BC-4FDC-9878-A6FB248E2D1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_ppc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E838BFB-784F-4E36-990E-F50F554FCD15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_bpc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9E5307-7E77-4002-95EF-7FE4AB32EBCE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_bpc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A537819A-95AD-406A-960B-A56DF4199B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:bl2_ppc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "962E3CCD-39B6-43DB-A922-CBFE1CA5431D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:bl2_ppc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F097E450-3E21-429E-8EDE-A20A32E205E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:dl_ppc15_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60030678-EC0C-4B4C-97DF-8B8EBE1DED97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:dl_ppc15_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2FE4D0-D0BB-407E-9270-88269BE962C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:dl_ppc15m_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "012D6DF0-E257-48B0-AF01-3226E6065590",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:dl_ppc15m_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5EFEB19-FCBB-4B6B-BAD2-786608E95E07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:dl_ppc18.5m_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FDD77C-F607-48A0-9D03-29CC232213D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:dl_ppc18.5m_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A21D272B-5DA1-48C4-9C29-60FD1DA3B560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:dl_ppc21.5m_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFF99F0-4651-4CC4-8CD5-01DF8929B10E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:dl_ppc21.5m_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C2D96C-0AC1-476A-9674-957745E134C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:el_ppc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D06CE4B7-C9DE-4EAF-8F94-2381AC559959",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:el_ppc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EF7960-4750-4ADA-B0A6-5B454A6A77E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:el_ppc_1000\\/wt_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC378F8-533D-4F7C-99A3-0C2394C99172",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:el_ppc_1000\\/wt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A942215-96BB-4E0C-AFBE-3FF70719B15F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:el_ppc_1000\\/m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8559D73D-1275-4275-93FD-77E252C5E4C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:el_ppc_1000\\/m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8F8B95-79EB-437E-A9CB-B5C0A9E395F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:valueline_ipc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "525798C3-7035-43D1-99FE-653797DECA3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:valueline_ipc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9797EACE-8534-486F-A48B-7509F7906CA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_bpc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "658A8B84-8735-4CB8-9E9F-702786DD630B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_bpc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC14F03D-4C8C-4EB5-A4B9-D1D7364796D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_bpc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B25B0B2-FFA4-43E4-B61B-EC322E39B084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_bpc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92563152-F7DF-456A-828A-F225271F4B43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_ppc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC1465C-D4E4-40A8-BC36-FC5FD3F84EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_ppc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "717629B0-0981-4233-89AB-AF234847B639",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_bpc_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3684354-FC1C-47A7-9AD7-00AF992B7605",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_bpc_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B804BA1-9CD7-45AE-B28D-01337A800213",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_ppc_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054E26F9-188E-4F15-BB1A-8056639C69FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_ppc_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7A6530-9CBF-432D-BA7B-45772C325A02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl_ipc_p7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE73860-B3B8-4A96-8129-9AF45686F966",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl_ipc_p7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D68B1755-4154-4648-980E-3B998B9621C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_bpc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CFA0714-60D4-4D6E-95A6-3195F84F3F2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_bpc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18B811D9-EC0D-4623-AD5C-2757AD27604F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C25A38-9F53-4AB9-A11F-9DF08D7CC9E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2F5EFC-6FB1-44CC-A9FD-BAD6D6A29CD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_bpc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C712CB21-C5C6-47E3-9C6A-E5E280E87062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_bpc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51D201C6-1DFD-4A0A-BCD7-024E5ADAFA0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8CC783-4144-422D-A154-72CC83D83E14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCEF736-BE5C-4BA9-80E0-304D55073F36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_bpc_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592BE162-B9B4-4CCD-A5CB-4C316B14BFB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_bpc_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4548FEDD-22AF-4753-A805-0FAA8BA22410",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2E38F-01EA-4396-AE9E-B723FFA0E8D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEB26DA-6CA5-4694-AB96-4E376C0D4018",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_bpc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2EE280-6E1D-49C5-90B8-FA1940CC6E77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_bpc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0ED092A-9CCC-4794-B8CC-531572B32F0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2596D20-A6F7-4FE7-9E94-11965188DB68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7632B9-340A-4249-91B3-0C93232B3108",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_bpc_9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD42607-7668-4ACC-94F3-E4C1F510EE38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_bpc_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC743E65-BFC2-4149-AB51-F529AB934296",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc_9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0A1D10-B700-40A2-9A89-DDBD809294DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED3056-BE7E-47DA-9818-4D57E29E7586",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc7_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B75497-625B-44D2-8552-F8AA597EA6D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc7_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B7B72-413E-4B2E-A68C-D5A748CA4CBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc9_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "766B3429-8B60-4774-BFCA-349F59846D6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc9_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC738BF-9BDB-4969-B00E-253D47C583D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:vl2_ppc12_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3452BB23-7A21-48F5-971F-9D8C92697B36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:vl2_ppc12_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45335605-EBA7-4C20-A334-A427656FD261",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "766841A0-9E9F-48A6-B815-467734AD7D68",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc1500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD355D0B-151A-457B-B0C9-7A6314315364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1511A71-8E8B-4985-8A39-69C801D48BFC",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc1500_pro:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D4A368-64AF-412B-B5BB-AD6BC84F95C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13EA8C25-9918-456E-B0F5-206081207E98",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc1900:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "070D8D5D-0703-41BC-8D44-8379409D7CFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D54BE23-10D8-4FD2-9C0F-49785E55E28D",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc1900_pro:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1402705D-BB4B-4639-92A8-B939B6AB3173",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482C1848-4840-4CE4-B8C1-E387CA672AB3",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc2200:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "41507D57-119A-4EE6-8F3C-7DB635298F1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA0CBED-0140-4319-817C-CAE812EA5815",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_itc2200_pro:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "74DC92AC-246D-4DA2-85B3-B33EA5839310",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C4333E-242B-472B-88A6-41669FCE48E4",
"versionEndExcluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:-:*:*:*:*:*:*",
"matchCriteriaId": "E84371B8-69B9-4C60-B1AE-9EA89E25961B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4CBC4304-6AD9-4C12-B814-76CCCF9EBF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "222D35AE-B32B-4167-9A6D-E88CCF3C823C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6034789-ABD1-4035-8378-F0BA7157B087",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20740117-8BC1-47B8-AA10-8ADF91F1CA86",
"versionEndExcluding": "8.5.9",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "133DFB76-70D7-4480-B409-2A657DF3B6AD",
"versionEndExcluding": "12.5.8",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B66C5256-6863-4B81-BC82-B76320467449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201312101:*:*:*:*:*:*",
"matchCriteriaId": "5D98B374-B2FC-47C3-8376-B9F45664C436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201312102:*:*:*:*:*:*",
"matchCriteriaId": "B75207AF-2BB8-4D6B-AF4C-BEB25895BA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201312401:*:*:*:*:*:*",
"matchCriteriaId": "4091C844-6778-46D2-B135-CD4E3FAA0714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201312402:*:*:*:*:*:*",
"matchCriteriaId": "7A3308A7-AF6A-4519-92E2-EF5FE6F9C78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403101:*:*:*:*:*:*",
"matchCriteriaId": "BB2F377F-7260-47FE-9F50-40374EA1ED9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403102:*:*:*:*:*:*",
"matchCriteriaId": "B73A27AE-5483-4F59-9D03-1E65CEFB5EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403201:*:*:*:*:*:*",
"matchCriteriaId": "67E6B861-B758-48C6-9B4E-CA348D4A8D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403202:*:*:*:*:*:*",
"matchCriteriaId": "25D9AB99-4AD7-4765-9832-44180E038BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403203:*:*:*:*:*:*",
"matchCriteriaId": "0AB2650C-DF46-498E-AD6E-549649A20849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403204:*:*:*:*:*:*",
"matchCriteriaId": "CE7D5CA7-2D77-4B44-AE53-DF07A9D3E43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403205:*:*:*:*:*:*",
"matchCriteriaId": "7E9270E3-F4FC-43ED-BA80-67F321BF33C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403206:*:*:*:*:*:*",
"matchCriteriaId": "B687FC8F-DE82-446B-8EB1-3F3193735D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403207:*:*:*:*:*:*",
"matchCriteriaId": "1B710A10-5076-4473-88AE-CA4A9935DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403208:*:*:*:*:*:*",
"matchCriteriaId": "432C66F0-03FA-4E0A-805F-7505B92C348B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403209:*:*:*:*:*:*",
"matchCriteriaId": "4B0B6D86-60E9-4193-8E8B-F07DF7410746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403210:*:*:*:*:*:*",
"matchCriteriaId": "D17F3263-3107-4785-BF6B-8A62A13FC720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201403211:*:*:*:*:*:*",
"matchCriteriaId": "5A86BD5F-3858-4E50-995A-CEBE0C0FC19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201404401:*:*:*:*:*:*",
"matchCriteriaId": "0FB7F12A-3C70-41DC-B64F-990316118A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201404402:*:*:*:*:*:*",
"matchCriteriaId": "A1CF97B6-E3AE-47A6-A49F-3BFE66CB87F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201404403:*:*:*:*:*:*",
"matchCriteriaId": "A644757F-6A6F-49F5-9B81-06F10C5E34EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201404420:*:*:*:*:*:*",
"matchCriteriaId": "D84D5E4F-DDBA-42B7-974B-02DCB780E8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201406401:*:*:*:*:*:*",
"matchCriteriaId": "979169D0-0C6E-4B4A-8FEA-FEBE33B09D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407101:*:*:*:*:*:*",
"matchCriteriaId": "20EB85A2-0051-430F-85B8-C2DA446E0AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407102:*:*:*:*:*:*",
"matchCriteriaId": "12156ABC-3724-4F3E-9E38-7C2C896C48EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407401:*:*:*:*:*:*",
"matchCriteriaId": "BC573DAD-46D1-473A-B530-862DD301F287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407402:*:*:*:*:*:*",
"matchCriteriaId": "08A9F95B-6B7A-4CDE-94AC-3235ED59B1E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407403:*:*:*:*:*:*",
"matchCriteriaId": "05F30A0A-DC59-4BDE-9060-BE25E35A21BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407404:*:*:*:*:*:*",
"matchCriteriaId": "A6B31963-6FA3-4EC8-9F95-A999EB95B3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201407405:*:*:*:*:*:*",
"matchCriteriaId": "B7DE1928-2F1F-442C-9E10-080AD9BD8D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409101:*:*:*:*:*:*",
"matchCriteriaId": "D52E2286-239F-4486-9FB1-40ABF2C3A4D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409201:*:*:*:*:*:*",
"matchCriteriaId": "7D8617AE-22D6-4A9A-864B-6B104AE19826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409202:*:*:*:*:*:*",
"matchCriteriaId": "9AE60429-3163-4621-9973-9569C489D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409203:*:*:*:*:*:*",
"matchCriteriaId": "946564F5-90DF-47FB-B704-434222171F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409204:*:*:*:*:*:*",
"matchCriteriaId": "7B371375-2F70-4A5C-81A1-3D24236EE06C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409205:*:*:*:*:*:*",
"matchCriteriaId": "2D89D1FB-354B-4F47-9B68-BC88266C603D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409206:*:*:*:*:*:*",
"matchCriteriaId": "990EA9A7-AA65-41D9-BFC3-987DEB875AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201409207:*:*:*:*:*:*",
"matchCriteriaId": "45930839-7669-46B1-88A8-EC7448CFAA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410101:*:*:*:*:*:*",
"matchCriteriaId": "116EC72C-1639-4E89-8DA5-14F326D8E91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410401:*:*:*:*:*:*",
"matchCriteriaId": "56ED6A51-50F6-4181-9FFB-411854102B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410402:*:*:*:*:*:*",
"matchCriteriaId": "013566F1-27AD-408A-9ADE-3D88865FC560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410403:*:*:*:*:*:*",
"matchCriteriaId": "B924FE54-CA68-4C95-A9DA-DD37F2B8D851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410404:*:*:*:*:*:*",
"matchCriteriaId": "953DC00C-C694-4AFF-AC8D-3EF8F7B2EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410405:*:*:*:*:*:*",
"matchCriteriaId": "71726A09-D9DE-4063-8B83-35F5E1C15C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201410406:*:*:*:*:*:*",
"matchCriteriaId": "466ADBAF-9B8A-4F46-A061-3892CDFE0BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501101:*:*:*:*:*:*",
"matchCriteriaId": "A5E9B1C7-54CF-4761-ACC4-85D706ECE6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501401:*:*:*:*:*:*",
"matchCriteriaId": "7870F2CD-247B-4F1F-BE7E-B0A73210CB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501402:*:*:*:*:*:*",
"matchCriteriaId": "21D439E5-9283-41F2-A68E-48C27648A4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501403:*:*:*:*:*:*",
"matchCriteriaId": "FE762CF7-9B71-4E79-AF1F-077FF2584F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501404:*:*:*:*:*:*",
"matchCriteriaId": "A86BD94F-D60A-4E5C-808D-F129B2C221F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201501405:*:*:*:*:*:*",
"matchCriteriaId": "91CA06BB-2978-48E7-974C-AE588D0B773B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201502401:*:*:*:*:*:*",
"matchCriteriaId": "AEC96D0F-56B5-4582-8519-5CFD59276221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201504201:*:*:*:*:*:*",
"matchCriteriaId": "D8285D4D-9962-42CC-95C6-F5452EA62B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201505101:*:*:*:*:*:*",
"matchCriteriaId": "C715C51F-F1FC-4B92-BF77-EC75882CFE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201505401:*:*:*:*:*:*",
"matchCriteriaId": "F1BA0B41-E7B7-469F-BEB1-73A6A3315BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201505402:*:*:*:*:*:*",
"matchCriteriaId": "26E44694-3121-4F50-9052-BAB42D6B45C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201505403:*:*:*:*:*:*",
"matchCriteriaId": "CF156298-D57B-4F30-8895-C3DCE5D8FA7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201505404:*:*:*:*:*:*",
"matchCriteriaId": "2485CC85-A58A-41A3-A0C3-F52C82D772A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509101:*:*:*:*:*:*",
"matchCriteriaId": "3CB9206E-98ED-472F-8272-3DA2FEA82696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509102:*:*:*:*:*:*",
"matchCriteriaId": "83FEB3AF-DB9D-4958-AC26-04C694F0416A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509201:*:*:*:*:*:*",
"matchCriteriaId": "62A760D9-FEA2-49AD-8250-3A830398ECD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509202:*:*:*:*:*:*",
"matchCriteriaId": "43E6E75D-D814-4DAA-9759-6948955501DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509203:*:*:*:*:*:*",
"matchCriteriaId": "BEFD9527-F0CA-493B-A894-4BB26AB65F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509204:*:*:*:*:*:*",
"matchCriteriaId": "9DC241D3-4352-4339-8C81-BA7878FD5062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509205:*:*:*:*:*:*",
"matchCriteriaId": "D2E50F31-00DB-4724-982E-E39E55E75FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509206:*:*:*:*:*:*",
"matchCriteriaId": "1099C9B4-11A1-4545-8054-5CC247286617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509207:*:*:*:*:*:*",
"matchCriteriaId": "8F018232-8B68-4496-A38B-6E1B84F1AA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509208:*:*:*:*:*:*",
"matchCriteriaId": "D0F66CE5-E0BD-41B4-9D36-1C626FFF2141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509209:*:*:*:*:*:*",
"matchCriteriaId": "08CB5270-1BD3-48D0-AB8C-B3CF0C52499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509210:*:*:*:*:*:*",
"matchCriteriaId": "EC263338-15D1-4F8C-8BE7-494971F31682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509211:*:*:*:*:*:*",
"matchCriteriaId": "061C95B9-845F-4235-9ABE-7BD5F555209C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509212:*:*:*:*:*:*",
"matchCriteriaId": "75EB3FC3-C4C1-4841-88E6-922CADC9B402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201509213:*:*:*:*:*:*",
"matchCriteriaId": "FE0F78D7-2139-46AD-9C69-229BA94896D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201510401:*:*:*:*:*:*",
"matchCriteriaId": "A630790E-2F77-4C05-91BD-06AB8894A28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512101:*:*:*:*:*:*",
"matchCriteriaId": "6A96EA60-16A8-4129-8E2E-B8B5C4F83D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512102:*:*:*:*:*:*",
"matchCriteriaId": "A30EE76C-594A-4DD2-95D5-8E8D8B6D3185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512401:*:*:*:*:*:*",
"matchCriteriaId": "D9A31A47-DE48-42AA-B7CD-4661624A50A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512402:*:*:*:*:*:*",
"matchCriteriaId": "B0CC39CC-45DF-4461-9219-808CBE68592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512403:*:*:*:*:*:*",
"matchCriteriaId": "4FAC6817-6316-4592-8510-02772D3EFF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201512404:*:*:*:*:*:*",
"matchCriteriaId": "711F5017-AEC2-4649-AA8A-6A596591F11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201601401:*:*:*:*:*:*",
"matchCriteriaId": "A12209C7-0027-46B1-A8D8-535A631A4FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201602401:*:*:*:*:*:*",
"matchCriteriaId": "8D09CF29-38FD-487F-8597-518F206531BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608101:*:*:*:*:*:*",
"matchCriteriaId": "D35EAA15-0DEA-42D8-AEFE-F4CB6BC6CFEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608102:*:*:*:*:*:*",
"matchCriteriaId": "BEC12F16-071D-4648-A044-1274CBACE988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608401:*:*:*:*:*:*",
"matchCriteriaId": "0763BDFC-0D5D-43E0-BD3C-F6A7D41F53C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608402:*:*:*:*:*:*",
"matchCriteriaId": "57160A54-9049-4F31-AF1A-28A18F0EFF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608403:*:*:*:*:*:*",
"matchCriteriaId": "54AD4072-BFAE-4941-8CC3-6DE5E3222DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608404:*:*:*:*:*:*",
"matchCriteriaId": "9109EB3E-C635-4B99-9BE5-B9FD9C4B5D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201608405:*:*:*:*:*:*",
"matchCriteriaId": "2E01FEF6-8D64-428E-AFB0-FFEB21CCDC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201609101:*:*:*:*:*:*",
"matchCriteriaId": "910B3A6A-F418-4A0E-B612-DECD4900BB14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201609102:*:*:*:*:*:*",
"matchCriteriaId": "A6B5E386-0BFC-4F1B-9D1A-E2F31C8A05BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201609401:*:*:*:*:*:*",
"matchCriteriaId": "29175BA1-3A31-4E9E-8B52-B078CC33F51C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201609402:*:*:*:*:*:*",
"matchCriteriaId": "573A99EF-0B6B-41D6-B71F-1C21B1565A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201609403:*:*:*:*:*:*",
"matchCriteriaId": "209AD390-0ABA-4225-9168-A769ED7808DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201612101:*:*:*:*:*:*",
"matchCriteriaId": "C4553BE6-DEDE-4E16-A335-1F8DE5F7B9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201612102:*:*:*:*:*:*",
"matchCriteriaId": "5909ED7E-B49C-42D5-A634-788733D49FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201612401:*:*:*:*:*:*",
"matchCriteriaId": "21B55E0E-8923-4779-970F-A335C708CD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201612402:*:*:*:*:*:*",
"matchCriteriaId": "D0B9CB8C-8072-46E3-8A6F-41FDB2365436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201703401:*:*:*:*:*:*",
"matchCriteriaId": "6C2C8471-D52C-41DF-A96B-E6D0A1E7A070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709101:*:*:*:*:*:*",
"matchCriteriaId": "E2A9B43C-51F7-42C6-84CD-B882055915B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709102:*:*:*:*:*:*",
"matchCriteriaId": "9F239FF7-CA1E-4711-A8A8-C1F945366E19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709103:*:*:*:*:*:*",
"matchCriteriaId": "7E696E99-6F94-4C74-911A-01162CA34B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709401:*:*:*:*:*:*",
"matchCriteriaId": "0B18A0A1-F28F-4282-B871-06344A674EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709402:*:*:*:*:*:*",
"matchCriteriaId": "FE2DA304-2C7F-4F5A-A3D0-0DF15E442B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5.0:550-201709403:*:*:*:*:*:*",
"matchCriteriaId": "EEF8BCE8-567E-4392-AD10-4DC4EF93E5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3E8861F4-D390-4738-BBF0-9EE4684E9667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*",
"matchCriteriaId": "2B9D5E67-78C9-495E-91F0-AF94871E5FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*",
"matchCriteriaId": "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*",
"matchCriteriaId": "ADC13026-3B5A-4BF0-BDEC-B77338E427E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*",
"matchCriteriaId": "6CBA70BA-FFCD-4D2D-AD26-95CC62748937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*",
"matchCriteriaId": "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*",
"matchCriteriaId": "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*",
"matchCriteriaId": "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*",
"matchCriteriaId": "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*",
"matchCriteriaId": "489EE0F6-5510-470E-8711-DC08B4AFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*",
"matchCriteriaId": "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*",
"matchCriteriaId": "DDAA48A9-9319-4104-B151-D529E5EBF0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*",
"matchCriteriaId": "D16CD918-5075-4975-8B1E-21D8AD35A28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*",
"matchCriteriaId": "7A38CD8E-494D-4E0E-A300-8550FC81FAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*",
"matchCriteriaId": "1F40ABE8-8DED-4633-A34C-00DF5D510E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*",
"matchCriteriaId": "1736B975-089B-413C-8CA0-5524B957EF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*",
"matchCriteriaId": "0E4DCBF6-7189-497A-B923-08574443172C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*",
"matchCriteriaId": "16FBA646-0B5E-44A7-BB12-29D5C611AEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*",
"matchCriteriaId": "29F57497-7B48-4D0C-B8F5-8D33062BECEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*",
"matchCriteriaId": "ADDE96C7-C489-4D14-990B-8524627A23D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*",
"matchCriteriaId": "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*",
"matchCriteriaId": "08789F9E-CDC7-4F89-B925-92C9E3AE5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*",
"matchCriteriaId": "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*",
"matchCriteriaId": "621C203B-4B66-49CC-A35D-D7703109BF14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*",
"matchCriteriaId": "3261BDEF-D89C-41D9-A360-EC36EAB17490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*",
"matchCriteriaId": "5170A4F6-02B7-4225-B944-73DB5A4D332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*",
"matchCriteriaId": "62A97DBA-A56B-4F0B-B9C4-44B5166681AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*",
"matchCriteriaId": "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*",
"matchCriteriaId": "DBA6211E-134A-484E-8444-FBB5070B395D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*",
"matchCriteriaId": "3E7B05B3-4076-4A44-B9A6-A44419F175C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*",
"matchCriteriaId": "1A1636B4-6E79-42D7-AA62-5EE43412B43A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*",
"matchCriteriaId": "0F0377D0-BBED-41BF-80C5-58414ED413EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*",
"matchCriteriaId": "6495283C-D18A-4DDA-852E-46F2273D6DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*",
"matchCriteriaId": "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*",
"matchCriteriaId": "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*",
"matchCriteriaId": "17A84E0A-1429-467F-9EE1-FCA062392DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*",
"matchCriteriaId": "C591163D-64BC-403B-A460-5B2258EC2F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*",
"matchCriteriaId": "ED932B89-D34D-4398-8F79-AF98987CAFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*",
"matchCriteriaId": "ABD365A0-0B09-4EC2-9973-691144C99507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*",
"matchCriteriaId": "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*",
"matchCriteriaId": "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*",
"matchCriteriaId": "2FDD5BA0-8180-484D-8308-B0862B6E9DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*",
"matchCriteriaId": "96A6EB9A-A908-42D1-A6BC-E38E861BBECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*",
"matchCriteriaId": "651EDCAA-D785-464D-AE41-425A69F6FFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*",
"matchCriteriaId": "1B3C704C-9D60-4F72-B482-07F209985E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*",
"matchCriteriaId": "C1CFE956-4391-4B71-BD0B-96A008A624B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*",
"matchCriteriaId": "409778CD-9AB3-4793-A5F5-8D8657F81442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*",
"matchCriteriaId": "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*",
"matchCriteriaId": "0DC45A8B-6DE0-465F-9644-B75A09394F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*",
"matchCriteriaId": "7A265671-BCB0-401A-A1E8-500F9D41492E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*",
"matchCriteriaId": "83168067-1E43-4186-9B15-3FC702C6583C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*",
"matchCriteriaId": "8C122DB4-8410-4C4E-87BE-EB3175CE182B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*",
"matchCriteriaId": "C76ED78D-0778-4269-938E-BB7586C1E44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*",
"matchCriteriaId": "7A1F78C5-E995-4E37-83C5-5B6A1D39E549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*",
"matchCriteriaId": "7A2E842D-AF37-4641-AD05-B91F250E7487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*",
"matchCriteriaId": "A07EAC87-32FD-4553-B71D-181F2C66AE68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*",
"matchCriteriaId": "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*",
"matchCriteriaId": "865D3042-68ED-44B9-A036-9433F7463D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*",
"matchCriteriaId": "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*",
"matchCriteriaId": "11AE3F61-9655-4B20-96E1-92112BE2BEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*",
"matchCriteriaId": "ECE35166-3019-450B-9C69-484E4EDE5A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*",
"matchCriteriaId": "D892B066-381B-4F46-8363-7BA1647BBCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*",
"matchCriteriaId": "710DB381-5504-4493-8D0A-17AB8E5A903B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*",
"matchCriteriaId": "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*",
"matchCriteriaId": "33CBCA55-010E-4E84-B2F8-F9B53D5A3340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*",
"matchCriteriaId": "95A73B4B-F9B3-4D66-9668-902902C73CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*",
"matchCriteriaId": "8D14D51D-E2EA-4826-8C6E-AF1C15F12384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*",
"matchCriteriaId": "BED100A1-9D59-48BE-91D4-0C8F2D678E6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*",
"matchCriteriaId": "660B51F2-DFE0-49F6-AD2A-6E94B20F4019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*",
"matchCriteriaId": "8BF80536-348A-468E-AC1C-DA53632FCC83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*",
"matchCriteriaId": "CFABF302-AC32-4507-BDD9-314854DE55BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*",
"matchCriteriaId": "9EDE020F-4FB1-4F1D-B434-6745045702D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*",
"matchCriteriaId": "AA1538B9-E860-46CE-A4CA-1393ECA20D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*",
"matchCriteriaId": "386A6805-6167-47BA-A02F-073DC7E0FE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*",
"matchCriteriaId": "03BA15D8-F7A2-428C-8104-BCEBDE7C1EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*",
"matchCriteriaId": "1CFCFE7B-37E5-4C64-9B43-4F693F227231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*",
"matchCriteriaId": "02CFAE22-37DB-4787-96FB-9E0F8EF671E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155A0C39-4D0A-4264-B392-46002908939C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*",
"matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96AB8C81-F441-4563-B5E0-B738DF4D1C50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E30BECA7-C45A-423D-9200-98D51BE9C84C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E376B2A-430D-4D1D-BC28-92CD7E1E8564",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4164A584-6F0D-4154-8FED-DC044CDE1FE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74C9E6FC-9C40-4105-9FB0-17013E1ABBB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B37176F-0AF4-4410-9C1F-4C5ED0051681",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F2936E-A611-472E-8EF0-F336A19DF578",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D200C1F-1909-4952-824F-A2D279B9B37E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC9F68C-7D65-4D29-AAA1-BA43228C6208",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
},
{
"lang": "es",
"value": "Los sistemas con microprocesadores con ejecuci\u00f3n especulativa y predicci\u00f3n de ramas podr\u00edan permitir la revelaci\u00f3n no autorizada de informaci\u00f3n al atacante con acceso de usuario local mediante un an\u00e1lisis de un canal lateral."
}
],
"id": "CVE-2017-5753",
"lastModified": "2025-01-14T19:29:55.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-04T13:29:00.257",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"source": "secure@intel.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102371"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"source": "secure@intel.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://spectreattack.com/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"source": "secure@intel.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://spectreattack.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-21 12:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://osvdb.org/87598 | Broken Link | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2012-1482.html | Third Party Advisory | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2012-1483.html | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/51359 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51360 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51369 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51370 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51381 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51434 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51439 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/51440 | Broken Link | |
| cve@mitre.org | http://www.mozilla.org/security/announce/2012/mfsa2012-106.html | Vendor Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1636-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1638-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1638-2 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1638-3 | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.mozilla.org/show_bug.cgi?id=775228 | Exploit, Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/80183 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/87598 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1482.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1483.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51359 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51360 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51369 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51370 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51381 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51434 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51439 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51440 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-106.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1636-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1638-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1638-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1638-3 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=775228 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/80183 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| mozilla | thunderbird_esr | * | |
| apple | mac_os_x | - | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.3 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.3 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.1 | |
| opensuse | opensuse | 12.2 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C27B04-A1E0-4930-AF63-E2B1E57F75BE",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BBBC83-F777-4899-9F6A-094CDD9CFF0F",
"versionEndExcluding": "10.0.11",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DEF1D7-9412-4632-A689-AFD71FEFACC0",
"versionEndExcluding": "2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61E5E742-2A0F-4483-A784-EACBEE1DF267",
"versionEndExcluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "828E00D1-8F2A-43AF-93DB-B1985CE68A8A",
"versionEndExcluding": "10.0.11",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78BEBD36-7BD1-4686-BF9A-60B85EBF6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F5FE6906-1A69-4197-A8D6-C75E1A163FD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C08546E6-4C6A-4044-BEBA-AC2B75EF2693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EA2807B4-C30A-4C95-98E8-2AA9F5723684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B94190DE-DF41-4202-B513-DE3ABDED35FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:-:*:*",
"matchCriteriaId": "12ED70E0-7F26-4909-9D90-B5D880178526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
"matchCriteriaId": "78651AEE-E88E-40CB-8A17-09E95C822AF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en Mozilla Firefox antes de 17.0, Firefox ESR 10.x antes de 10.0.11, Thunderbird antes de 17.0, Thunderbird ESR 10.x antes de 10.0.11, y SeaMonkey antes de 2.14 en Mac OS X permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento HTML."
}
],
"id": "CVE-2012-5830",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2012-11-21T12:55:03.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/87598"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51359"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51360"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51369"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51370"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51381"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51434"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51439"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51440"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1636-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/87598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/51440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1636-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1638-3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=775228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102863 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56922 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-13.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65326 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=936056 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90883 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102863 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56922 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-13.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65326 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=936056 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90883 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos evadir restricciones en objetos de ventana mediante el aprovechamiento de la inconsistencia en los m\u00e9todos getter nativos entre diferentes motores JavaScript."
}
],
"id": "CVE-2014-1481",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:24.877",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102863"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65326"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-29.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66206 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=982906 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-29.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66206 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=982906 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call."
},
{
"lang": "es",
"value": "La implementaci\u00f3n Web IDL en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos ejecutar c\u00f3digo JavaScript arbitrario con privilegios de chrome mediante el uso de un fragmento IDL para provocar una llamada window.open."
}
],
"id": "CVE-2014-1510",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.613",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66206"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102873 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56922 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-09.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65330 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=947592 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90889 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102873 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56922 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-09.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65330 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=947592 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90889 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de Web workers en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos evadir Same Origin Policy y obtener informaci\u00f3n sensible de autenticaci\u00f3n a trav\u00e9s de vectores que involucran mensajes de error."
}
],
"id": "CVE-2014-1487",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:25.017",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102873"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65330"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=947592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-31.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66203 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=982974 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-31.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66203 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=982974 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site."
},
{
"lang": "es",
"value": "TypedArrayObject.cpp en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 no previene una transici\u00f3n de longitud cero durante el uso de un objeto ArrayBuffer, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (escritura o lectura basado en memoria din\u00e1mica fuera de de rango) a trav\u00e9s de un sitio web manipulado."
}
],
"id": "CVE-2014-1513",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.693",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66203"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-108.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=938341 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-108.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=938341 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners."
},
{
"lang": "es",
"value": "Vulnerabilidad de liberaci\u00f3n despues de uso en la funci\u00f3n nsEventListenerManager :: HandleEventSubType en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio ( corrupci\u00f3n de memoria heap) a trav\u00e9s de vectores relacionados con los detectores de eventos mListeners."
}
],
"id": "CVE-2013-5616",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:12.967",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-16.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=925747 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-16.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=925747 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 podr\u00eda permitir a usuarios locales ganar privilegios mediante la modificaci\u00f3n de los contenidos Mar extra\u00eddos durante una actualizaci\u00f3n."
}
],
"id": "CVE-2014-1496",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.303",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-104.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=886850 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=905382 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=922009 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=937582 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-104.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=886850 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=905382 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=922009 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=937582 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades sin especificar en el motor del navegador Mozilla Firefox anterior a la versi\u00f3n 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a la versi\u00f3n 24.2, y SeaMonkey anterior a 2.23 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-5609",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:07.433",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=886850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=905382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-114.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=930381 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=932449 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-114.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=930381 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=932449 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function."
},
{
"lang": "es",
"value": "Vulnerabilidad de liberaci\u00f3n despues de uso en la funci\u00f3n PresShell :: DispatchSynthMouseMove en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x antes 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria heap) a trav\u00e9s de vectores relacionados con el movimiento del rat\u00f3n sint\u00e9tica, con la funci\u00f3n RestyleManager :: GetHoverGeneration."
}
],
"evaluatorComment": "CWE-416: Use After Free",
"id": "CVE-2013-5613",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:12.840",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=930381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-15.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66412 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=896268 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=958867 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=960145 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=963974 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=965982 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=967341 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=977538 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-15.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66412 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=896268 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=958867 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=960145 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=963974 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=965982 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=967341 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=977538 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el motor de navegaci\u00f3n en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-1493",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.240",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66412"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=896268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=958867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=960145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=965982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=977538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | Third Party Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | Vendor Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/74081 | ||
| secalert_us@oracle.com | http://www.securitytracker.com/id/1032121 | ||
| secalert_us@oracle.com | https://security.gentoo.org/glsa/201507-19 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74081 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032121 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201507-19 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | communications_policy_management | * | |
| oracle | communications_policy_management | 9.9.1 | |
| oracle | communications_policy_management | 10.4.1 | |
| oracle | communications_policy_management | 12.1.1 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| oracle | mysql | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "733AAB26-D6B3-4892-9531-2427551A7843",
"versionEndIncluding": "9.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1B1DA1-CB11-42D6-9F28-C1588A7A7D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F696923E-E5AB-4473-B404-A6CCB33B6DB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE69A446-E765-4141-83F6-B58EA7E3783A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "777F6902-6EFA-482A-9A17-48DA5BDDB9CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "7F622F0E-8D17-47E8-8F3C-A640C21544E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "103582CB-029E-4201-B391-897B49BE8DDD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC19DE2-CDE4-4BB4-B2F8-4AA4BFED57BA",
"versionEndIncluding": "5.6.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-0500",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T16:59:49.810",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/74081"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-19"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-27 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 | Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2016-2574.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2016-2584.html | ||
| cve@mitre.org | http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/04/13/1 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1035594 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1326540 | Issue Tracking | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2574.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2584.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/04/13/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035594 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1326540 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| suse | suse_linux_enterprise_live_patching | 12.0 | |
| suse | suse_linux_enterprise_module_for_public_cloud | 12.0 | |
| suse | suse_linux_enterprise_real_time_extension | 12 | |
| suse | suse_linux_enterprise_software_development_kit | 12.0 | |
| suse | suse_linux_enterprise_workstation_extension | 12.0 | |
| novell | suse_linux_enterprise_desktop | 12.0 | |
| novell | suse_linux_enterprise_server | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B458ACF-17C3-4551-9F11-8D02B6D52B7C",
"versionEndIncluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FC685E-4188-4517-BE64-79C86AC6700A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE356E03-FE6E-4145-8A30-BD7DEF074B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "863D677A-F877-48B5-B3D4-8B6793BB93AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C171088-A361-4950-A397-BB4FD83DBB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73424219-E302-4E65-B6F9-225C537EF284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA04C9F1-6257-4D82-BA0B-37DE66D94736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application."
},
{
"lang": "es",
"value": "La funci\u00f3n tm_reclaim_thread en arch/powerpc/kernel/process.c en el Kernel de Linux en versiones anteriores a 4.4.1 sobre plataformas powerpc no asegura que exista el modo TM suspend antes de proceder con una llamada tm_reclaim, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (excepci\u00f3n TM Bad Thing y p\u00e1nico) a trav\u00e9s de una aplicaci\u00f3n manipulada."
}
],
"id": "CVE-2015-8845",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-27T17:59:05.130",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/04/13/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035594"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/04/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-02 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b | Vendor Advisory | |
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274 | Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2016/dsa-3607 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/04/06/4 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/91028 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1036763 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2989-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2998-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3000-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3001-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3002-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3003-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3004-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3021-1 | Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3021-2 | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1324782 | Issue Tracking | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b | Vendor Advisory | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274 | Vendor Advisory | |
| cve@mitre.org | https://www.spinics.net/lists/netdev/msg367669.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3607 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/04/06/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036763 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2989-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2998-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3000-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3001-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3002-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3003-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3004-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3021-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3021-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1324782 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.spinics.net/lists/netdev/msg367669.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| novell | suse_linux_enterprise_software_development_kit | 12.0 | |
| suse | suse_linux_enterprise_software_development_kit | 12.0 | |
| novell | suse_linux_enterprise_desktop | 12 | |
| novell | suse_linux_enterprise_desktop | 12 | |
| novell | suse_linux_enterprise_live_patching | 12.0 | |
| novell | suse_linux_enterprise_module_for_public_cloud | 12 | |
| novell | suse_linux_enterprise_real_time_extension | 12 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| novell | suse_linux_enterprise_workstation_extension | 12.0 | |
| novell | suse_linux_enterprise_workstation_extension | 12.0 | |
| linux | linux_kernel | 4.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "01E6CAD9-DC1F-4C7C-8C8E-98E4BFABAC94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C171088-A361-4950-A397-BB4FD83DBB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "41BB6157-21C1-43AF-9468-2E49D9BEFEAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BCEA3D62-99E0-48F9-A0CF-981BF28A509D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAAE4A1-D542-43F3-B7FC-685BCDB248D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*",
"matchCriteriaId": "0441632F-40BF-432B-BB1C-6396C726C4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5AB3CAA1-C20C-4A86-841E-EC0858164D7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "81D94366-47D6-445A-A811-39327B150FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF461FB4-8BA5-4065-9A69-DC017D3611C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1F003591-0639-476C-A014-03F06A274880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.5.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "74D8F1E1-5953-48EB-A3FB-218ACA871E9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor."
},
{
"lang": "es",
"value": "Vulnerabilidad de liberaci\u00f3n de memoria doble en drivers/net/usb/cdc_ncm.c en el kernel de Linux en versiones anteriores a 4.5 permite a atacantes f\u00edsicamente pr\u00f3ximos provocar una denegaci\u00f3n de servicio (ca\u00edda de sistema) o posiblemente tener otro impacto no especificado insertando un dispositivo USB con un descriptor USB no v\u00e1lido."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/415.html\"\u003eCWE-415: Double Free\u003c/a\u003e",
"id": "CVE-2016-3951",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-02T10:59:41.490",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/04/06/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/91028"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036763"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2989-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2998-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3000-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3001-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3002-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3003-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3004-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3021-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3021-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"source": "cve@mitre.org",
"url": "https://www.spinics.net/lists/netdev/msg367669.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/04/06/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2989-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2998-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3000-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3001-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3002-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3003-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3004-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3021-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3021-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.spinics.net/lists/netdev/msg367669.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-29.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66207 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=982909 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-29.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66207 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=982909 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos evadir el bloqueo de ventanas emergentes a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-1511",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.647",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66207"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-27 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb | Patch | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html | ||
| cve@mitre.org | http://www.debian.org/security/2016/dsa-3607 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/06/03/5 | Mailing List, Technical Description | |
| cve@mitre.org | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/91021 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1041895 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3070-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3070-2 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3070-3 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3070-4 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3071-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3071-2 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3072-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3072-2 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1343337 | Issue Tracking | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb | Patch | |
| cve@mitre.org | https://patchwork.ozlabs.org/patch/629110/ | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3607 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/06/03/5 | Mailing List, Technical Description | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91021 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041895 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3070-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3070-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3070-3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3070-4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3071-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3071-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3072-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3072-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1343337 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://patchwork.ozlabs.org/patch/629110/ | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 23 | |
| suse | linux_enterprise_real_time_extension | 11 | |
| fedoraproject | fedora | 24 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_real_time_extension | 12 | |
| suse | linux_enterprise_server | 11 | |
| redhat | enterprise_linux | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_workstation_extension | 12 | |
| redhat | enterprise_linux | 5 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | opensuse_leap | 42.1 | |
| suse | linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_software_development_kit | 12 | |
| fedoraproject | fedora | 22 | |
| linux | linux_kernel | * | |
| suse | suse_linux_enterprise_server | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "99A38379-DBD3-4BF6-9A8F-95A3F553AD02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "18D823E3-E1F3-4A15-A9C7-1AB61C1B6703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*",
"matchCriteriaId": "AD1AEFA5-9D43-4DD2-9088-7B37D5F220C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CF719D1A-AA3A-42C9-9568-07DD4DB27A4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:opensuse_leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3C4A93-990D-4E77-B998-6AA045CE6187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "D68314F2-4372-4215-8D5C-10A75BC8188D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC099084-12C9-4396-ABC7-F389CFAD871E",
"versionEndIncluding": "4.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message."
},
{
"lang": "es",
"value": "La funci\u00f3n rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versi\u00f3n 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener informaci\u00f3n sensible de la memoria de pila del kernel leyendo un mensaje RDS."
}
],
"id": "CVE-2016-5244",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-27T10:59:11.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Technical Description"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/03/5"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/91021"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1041895"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3071-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3071-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3072-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-3072-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://patchwork.ozlabs.org/patch/629110/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Technical Description"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1041895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3071-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3071-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3072-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3072-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://patchwork.ozlabs.org/patch/629110/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html | Broken Link | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-30.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66209 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=982957 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-30.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66209 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=982957 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la clase TypeObject en el motor JavaScript en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el aprovechamiento del consumo de memoria extensivo mientras la recolecci\u00f3n de basura est\u00e1 ocurriendo."
}
],
"id": "CVE-2014-1512",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-19T10:55:06.660",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66209"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=982957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-113.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/64213 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=917380 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-113.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/64213 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=917380 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 no reconoce la eliminaci\u00f3n de un certificado de confianza X.509, lo que facilita a atacantes que realicen un Man-in-the-middle suplantar servidores SSL en circunstancias especiales a trav\u00e9s de un certificado que es inaceptable por el usuario."
}
],
"id": "CVE-2013-6673",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:13.323",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64213"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=917380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102872 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56922 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-08.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65334 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=942164 | Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90890 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102872 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56922 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-08.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65334 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=942164 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90890 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n imgRequestProxy en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores involucrando valores Content-Type no especificados para datos de imagen."
}
],
"id": "CVE-2014-1486",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:24.987",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102872"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-17.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66423 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=966311 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-17.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66423 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=966311 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file."
},
{
"lang": "es",
"value": "La funci\u00f3n mozilla::WaveReader::DecodeAudioData en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos obtener informaci\u00f3n sensible de memoria din\u00e1mica de procesos, causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de aplicaci\u00f3n), o posiblemente tener otro impacto no especificado a trav\u00e9s de un archivo WAV manipulado."
}
],
"id": "CVE-2014-1497",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.333",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66423"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-27.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66425 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=966021 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-27.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66425 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=966021 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en la funci\u00f3n _cairo_truetype_index_to_ucs4 en cairo, utilizado en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una extensi\u00f3n manipulada que renderiza fuentes en un documento PDF."
}
],
"id": "CVE-2014-1509",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.600",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66425"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-115.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=929261 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-115.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=929261 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de JavaScript en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 no hace cumplir adecuadamente ciertas restricciones de composici\u00f3n tipogr\u00e1fica en la generaci\u00f3n de la matriz de elementos de tipo GetElementIC, lo cual tiene impacto no especificado y vectores de ataque remotos."
}
],
"id": "CVE-2013-5615",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:12.917",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=929261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-32.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66240 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=983344 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-32.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66240 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=983344 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class."
},
{
"lang": "es",
"value": "vmtypedarrayobject.cpp en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 no valida la longitud del array de destino antes de una operaci\u00f3n de copiar, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (escritura fuera de rango y ca\u00edda de aplicaci\u00f3n) mediante el aprovechamiento del uso incorrecto de la clase TypedArrayObject.\n"
}
],
"id": "CVE-2014-1514",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.723",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66240"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-23 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html | ||
| secalert@redhat.com | http://osvdb.org/91439 | ||
| secalert@redhat.com | http://seclists.org/oss-sec/2013/q1/674 | ||
| secalert@redhat.com | http://secunia.com/advisories/52659 | ||
| secalert@redhat.com | http://sourceforge.net/p/opalvoip/code/28856 | Exploit, Patch | |
| secalert@redhat.com | http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/58520 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/82885 | ||
| secalert@redhat.com | https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/91439 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2013/q1/674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/52659 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/p/opalvoip/code/28856 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/58520 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/82885 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opalvoip | portable_tool_library | 2.10.1 | |
| opalvoip | portable_tool_library | 2.10.2 | |
| opalvoip | portable_tool_library | 2.10.7 | |
| opalvoip | portable_tool_library | 2.10.9 | |
| ekiga | ekiga | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opalvoip:portable_tool_library:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31829F37-ECE5-46CF-B7D9-1D9CDE094607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opalvoip:portable_tool_library:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4864CF35-4A44-43A7-A954-191F5FDA3856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opalvoip:portable_tool_library:2.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F9BA5CE2-2473-4F31-8438-1D7FFECD5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opalvoip:portable_tool_library:2.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "87CC24E3-5CC6-45CC-BC26-E9A0EE8FF923",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ekiga:ekiga:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8659F6D2-9C7D-40AE-B783-7E5ECD50D28A",
"versionEndIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "777F6902-6EFA-482A-9A17-48DA5BDDB9CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\""
},
{
"lang": "es",
"value": "Portable Tool Library (tambi\u00e9n conocido como PTLib) anterior a 2.10.10, utilizado en Ekiga anterior a 4.0.1, no detecta debidamente recursi\u00f3n durante expansi\u00f3n de entidad, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y CPU) a trav\u00e9s de un documento PXML manipulado que contiene un n\u00famero grande de referencias de entidad anidadas, tambi\u00e9n conocido como \u0027ataque de un bill\u00f3n de risas.\u0027"
}
],
"id": "CVE-2013-1864",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-23T14:55:09.630",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/91439"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/52659"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/58520"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"source": "secalert@redhat.com",
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/91439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/52659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/58520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102864 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-01.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65317 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=921470 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=925896 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=936808 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=937132 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=937697 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=945334 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=945939 | Exploit, Issue Tracking | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=950000 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=950438 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=951366 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=953114 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90899 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102864 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-01.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=921470 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=925896 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=936808 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=937132 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=937697 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=945334 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=945939 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=950000 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=950438 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=951366 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=953114 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90899 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el motor de navegaci\u00f3n en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-1477",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:24.393",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102864"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65317"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102866 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56922 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-02.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65320 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=911864 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90898 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102866 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56922 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-02.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65320 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=911864 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90898 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes."
},
{
"lang": "es",
"value": "La implementaci\u00f3n System Only Wrapper (SOW) en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene ciertas operaciones de clonado, lo que permite a atacantes remotos evadir restricciones sobre contenido XUL a trav\u00e9s de vectores que involucran el alcance del contenido XBL."
}
],
"id": "CVE-2014-1479",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:24.830",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102866"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65320"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| security@mozilla.org | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102868 | Broken Link | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56761 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56763 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56858 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56922 | Broken Link | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-04.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65328 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=943803 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90894 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=VYQsgaFpQ2k | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.novell.com/Download?buildid=Y2fux-JW1Qc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102868 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0132.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0133.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56761 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56763 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56858 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56922 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-04.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65328 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029721 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2119-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=943803 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90894 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BFC32-48C3-431E-BD30-67BF408025F1",
"versionEndExcluding": "24.3",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE",
"versionEndExcluding": "24.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create."
},
{
"lang": "es",
"value": "RasterImage.cpp en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene el acceso a datos descartados, lo que permite a atacantes remotos ejecutar un c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (operaciones de escritura incorrectas) a trav\u00e9s de datos de imagen manipulados, como ha demostrado Goo Create."
}
],
"id": "CVE-2014-1482",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-02-06T05:44:24.893",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102868"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65328"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=943803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://osvdb.org/102869 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56706 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56767 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56787 | Broken Link | |
| security@mozilla.org | http://secunia.com/advisories/56888 | Broken Link | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-05.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/65316 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| security@mozilla.org | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=950427 | Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/90893 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/102869 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56706 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56767 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56787 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56888 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-05.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/65316 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029720 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2102-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://8pecxstudios.com/?page_id=44080 | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=950427 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/90893 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | solaris | 11.3 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3B84A-9D1F-4863-987C-5C958B05C523",
"versionEndExcluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328319A6-42EE-408E-91A8-87156C17AE46",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a 27.0 y SeaMonkey anterior a 2.24 permiten a atacantes remotos evadir Same Origin Policy y obtener informaci\u00f3n sensible usando un elemento IFRAME en conjunci\u00f3n con ciertas medidas de tiempo involucrando las funciones document.caretPositionFromPoint y document.elementFromPoint."
}
],
"id": "CVE-2014-1483",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-06T05:44:24.910",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102869"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65316"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/102869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/56888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2013/mfsa2013-109.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=926361 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1812.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2013/mfsa2013-109.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2052-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2053-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=926361 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924CA671-D089-40FA-BE02-6938FD094713",
"versionEndExcluding": "24.2",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D337932C-EF9D-4511-87DB-54262C6635D9",
"versionEndExcluding": "2.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD42C60-4027-4EDE-A61B-84C80154A5C3",
"versionEndExcluding": "24.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despues de liberaci\u00f3n en la funci\u00f3n nsNodeUtils::LastRelease en la interfaz de usuario en el editor de componentes en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la activaci\u00f3n inadecuada de la recolecci\u00f3n de basura ."
}
],
"id": "CVE-2013-5618",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2013-12-11T15:55:13.013",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1812.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2052-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2053-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=926361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| security@mozilla.org | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| security@mozilla.org | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| security@mozilla.org | http://www.mozilla.org/security/announce/2014/mfsa2014-26.html | Vendor Advisory | |
| security@mozilla.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| security@mozilla.org | http://www.securityfocus.com/bid/66426 | Third Party Advisory, VDB Entry | |
| security@mozilla.org | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=963198 | Exploit, Issue Tracking, Vendor Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0310.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0316.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2014/mfsa2014-26.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66426 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2151-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=963198 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201504-01 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5",
"versionEndExcluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E2CDB-F255-4199-A33E-BBFD18BA241C",
"versionEndExcluding": "24.4",
"versionStartIncluding": "24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "097F1C3A-4546-43F3-8CC2-50F8AF05B791",
"versionEndExcluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507FBFAF-784E-4C0E-B959-9380C31EBD1B",
"versionEndExcluding": "24.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "DD4BBD63-E038-45CE-9537-D96831E99A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering."
},
{
"lang": "es",
"value": "La funci\u00f3n libxul.so!gfxContext::Polygon en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos obtener informaci\u00f3n sensible de la memoria de procesos, causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de aplicaci\u00f3n), o posiblemente evadir Same Origin Policy a trav\u00e9s de vectores involucrando la renderizaci\u00f3n de pol\u00edgono MathML.\n"
}
],
"id": "CVE-2014-1508",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-03-19T10:55:06.567",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66426"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2151-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-01"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}