Vulnerabilites related to suse - suse_linux_enterprise_software_development_kit
cve-2015-0500
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201507-19 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securitytracker.com/id/1032121 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/74081 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:10:11.043Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201507-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032121", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "74081", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74081", }, { name: "SUSE-SU-2015:0946", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-14T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T16:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "GLSA-201507-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032121", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "74081", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74081", }, { name: "SUSE-SU-2015:0946", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2015-0500", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201507-19", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032121", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "74081", refsource: "BID", url: "http://www.securityfocus.com/bid/74081", }, { name: "SUSE-SU-2015:0946", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2015-0500", datePublished: "2015-04-16T16:00:00", dateReserved: "2014-12-17T00:00:00", dateUpdated: "2024-08-06T04:10:11.043Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1483
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", }, { name: "65316", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65316", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "firefox-cve20141483-info-disc(90893)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", }, { name: "102869", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102869", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", }, { name: "65316", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65316", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "firefox-cve20141483-info-disc(90893)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", }, { name: "102869", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102869", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1483", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", }, { name: "65316", refsource: "BID", url: "http://www.securityfocus.com/bid/65316", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "firefox-cve20141483-info-disc(90893)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", }, { name: "102869", refsource: "OSVDB", url: "http://osvdb.org/102869", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1483", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.635Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1477
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.412Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", }, { name: "firefox-cve20141477-code-exec(90899)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "65317", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65317", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", }, { name: "102864", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102864", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", }, { name: "firefox-cve20141477-code-exec(90899)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "65317", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65317", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", }, { name: "102864", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102864", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1477", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", }, { name: "firefox-cve20141477-code-exec(90899)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "65317", refsource: "BID", url: "http://www.securityfocus.com/bid/65317", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", }, { name: "102864", refsource: "OSVDB", url: "http://osvdb.org/102864", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1477", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.412Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1497
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.202Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "66423", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66423", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "66423", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66423", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1497", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "66423", refsource: "BID", url: "http://www.securityfocus.com/bid/66423", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1497", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0439
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/74085 | vdb-entry, x_refsource_BID | |
| https://security.gentoo.org/glsa/201507-19 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securitytracker.com/id/1032121 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:10:10.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "74085", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74085", }, { name: "GLSA-201507-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032121", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "SUSE-SU-2015:0946", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-14T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T16:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "74085", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74085", }, { name: "GLSA-201507-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032121", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "SUSE-SU-2015:0946", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2015-0439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "74085", refsource: "BID", url: "http://www.securityfocus.com/bid/74085", }, { name: "GLSA-201507-19", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201507-19", }, { name: "1032121", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032121", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "SUSE-SU-2015:0946", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2015-0439", datePublished: "2015-04-16T16:00:00", dateReserved: "2014-12-17T00:00:00", dateUpdated: "2024-08-06T04:10:10.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-5830
Vulnerability from cvelistv5
Published
2012-11-21 11:00
Modified
2024-08-06 21:21
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:21:26.942Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-1638-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1638-3", }, { name: "51370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51370", }, { name: "USN-1638-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1638-2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", }, { name: "openSUSE-SU-2012:1586", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html", }, { name: "USN-1636-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1636-1", }, { name: "openSUSE-SU-2013:0175", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html", }, { name: "RHSA-2012:1483", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1483.html", }, { name: "firefox-html-file-code-execution(80183)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183", }, { name: "RHSA-2012:1482", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1482.html", }, { name: "51434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51434", }, { name: "openSUSE-SU-2012:1583", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html", }, { name: "51439", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51439", }, { name: "51440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51440", }, { name: "USN-1638-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1638-1", }, { name: "SUSE-SU-2012:1592", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", }, { name: "51359", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51359", }, { name: "openSUSE-SU-2012:1585", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html", }, { name: "51381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51381", }, { name: "87598", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/87598", }, { name: "51369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51369", }, { name: "51360", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51360", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-11-20T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "USN-1638-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1638-3", }, { name: "51370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51370", }, { name: "USN-1638-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1638-2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", }, { name: "openSUSE-SU-2012:1586", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html", }, { name: "USN-1636-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1636-1", }, { name: "openSUSE-SU-2013:0175", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html", }, { name: "RHSA-2012:1483", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1483.html", }, { name: "firefox-html-file-code-execution(80183)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183", }, { name: "RHSA-2012:1482", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1482.html", }, { name: "51434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51434", }, { name: "openSUSE-SU-2012:1583", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html", }, { name: "51439", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51439", }, { name: "51440", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51440", }, { name: "USN-1638-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1638-1", }, { name: "SUSE-SU-2012:1592", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", }, { name: "51359", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51359", }, { name: "openSUSE-SU-2012:1585", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html", }, { name: "51381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51381", }, { name: "87598", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/87598", }, { name: "51369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51369", }, { name: "51360", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51360", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-5830", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-1638-3", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1638-3", }, { name: "51370", refsource: "SECUNIA", url: "http://secunia.com/advisories/51370", }, { name: "USN-1638-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1638-2", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", }, { name: "openSUSE-SU-2012:1586", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html", }, { name: "USN-1636-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1636-1", }, { name: "openSUSE-SU-2013:0175", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html", }, { name: "RHSA-2012:1483", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2012-1483.html", }, { name: "firefox-html-file-code-execution(80183)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183", }, { name: "RHSA-2012:1482", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2012-1482.html", }, { name: "51434", refsource: "SECUNIA", url: "http://secunia.com/advisories/51434", }, { name: "openSUSE-SU-2012:1583", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html", }, { name: "51439", refsource: "SECUNIA", url: "http://secunia.com/advisories/51439", }, { name: "51440", refsource: "SECUNIA", url: "http://secunia.com/advisories/51440", }, { name: "USN-1638-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1638-1", }, { name: "SUSE-SU-2012:1592", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html", }, { name: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", }, { name: "51359", refsource: "SECUNIA", url: "http://secunia.com/advisories/51359", }, { name: "openSUSE-SU-2012:1585", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html", }, { name: "51381", refsource: "SECUNIA", url: "http://secunia.com/advisories/51381", }, { name: "87598", refsource: "OSVDB", url: "http://osvdb.org/87598", }, { name: "51369", refsource: "SECUNIA", url: "http://secunia.com/advisories/51369", }, { name: "51360", refsource: "SECUNIA", url: "http://secunia.com/advisories/51360", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-5830", datePublished: "2012-11-21T11:00:00", dateReserved: "2012-11-05T00:00:00", dateUpdated: "2024-08-06T21:21:26.942Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1508
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.374Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66426", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66426", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66426", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66426", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1508", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66426", refsource: "BID", url: "http://www.securityfocus.com/bid/66426", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1508", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.374Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1512
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html", }, { name: "66209", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66209", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html", }, { name: "66209", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66209", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1512", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "20140326 VUPEN Security Research - Mozilla Firefox \"BumpChunk\" Object Processing Use-after-free (Pwn2Own)", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html", }, { name: "66209", refsource: "BID", url: "http://www.securityfocus.com/bid/66209", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1512", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5244
Vulnerability from cvelistv5
Published
2016-06-27 10:00
Modified
2024-08-06 00:53
Severity ?
EPSS score ?
Summary
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:53:48.916Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3070-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3070-1", }, { name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/06/03/5", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://patchwork.ozlabs.org/patch/629110/", }, { name: "USN-3070-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3070-3", }, { name: "1041895", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041895", }, { name: "openSUSE-SU-2016:1641", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { name: "91021", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91021", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "USN-3070-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3070-2", }, { name: "SUSE-SU-2016:1672", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", }, { name: "USN-3071-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3071-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "USN-3070-4", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3070-4", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "USN-3072-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3072-2", }, { name: "USN-3072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3072-1", }, { name: "USN-3071-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3071-2", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-03T00:00:00", descriptions: [ { lang: "en", value: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-17T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3070-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3070-1", }, { name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/06/03/5", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://patchwork.ozlabs.org/patch/629110/", }, { name: "USN-3070-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3070-3", }, { name: "1041895", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041895", }, { name: "openSUSE-SU-2016:1641", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { name: "91021", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91021", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "USN-3070-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3070-2", }, { name: "SUSE-SU-2016:1672", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", }, { name: "USN-3071-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3071-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "USN-3070-4", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3070-4", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "USN-3072-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3072-2", }, { name: "USN-3072-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3072-1", }, { name: "USN-3071-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3071-2", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-5244", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", refsource: "CONFIRM", url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "SUSE-SU-2016:1690", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3070-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3070-1", }, { name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/06/03/5", }, { name: "SUSE-SU-2016:1985", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "openSUSE-SU-2016:2184", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "https://patchwork.ozlabs.org/patch/629110/", refsource: "CONFIRM", url: "https://patchwork.ozlabs.org/patch/629110/", }, { name: "USN-3070-3", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3070-3", }, { name: "1041895", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041895", }, { name: "openSUSE-SU-2016:1641", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { name: "91021", refsource: "BID", url: "http://www.securityfocus.com/bid/91021", }, { name: "DSA-3607", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", refsource: "CONFIRM", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", }, { name: "USN-3070-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3070-2", }, { name: "SUSE-SU-2016:1672", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", }, { name: "USN-3071-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3071-1", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "USN-3070-4", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3070-4", }, { name: "SUSE-SU-2016:2105", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "USN-3072-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3072-2", }, { name: "USN-3072-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3072-1", }, { name: "USN-3071-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3071-2", }, { name: "SUSE-SU-2016:1937", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-5244", datePublished: "2016-06-27T10:00:00", dateReserved: "2016-06-03T00:00:00", dateUpdated: "2024-08-06T00:53:48.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-5615
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:15:21.503Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-5615", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-5615", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-08-26T00:00:00", dateUpdated: "2024-08-06T17:15:21.503Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1479
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "firefox-cve20141479-sec-bypass(90898)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898", }, { name: "102866", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102866", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "65320", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65320", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "firefox-cve20141479-sec-bypass(90898)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898", }, { name: "102866", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102866", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "65320", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65320", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1479", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", refsource: "SECUNIA", url: "http://secunia.com/advisories/56922", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "firefox-cve20141479-sec-bypass(90898)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898", }, { name: "102866", refsource: "OSVDB", url: "http://osvdb.org/102866", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "65320", refsource: "BID", url: "http://www.securityfocus.com/bid/65320", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1479", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4854
Vulnerability from cvelistv5
Published
2013-07-26 23:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:59:39.290Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2013-13863", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html", }, { name: "HPSBUX02926", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01015", }, { name: "APPLE-SA-2014-10-16-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", }, { name: "54134", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54134", }, { name: "MDVSA-2013:202", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1244", }, { name: "54185", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54185", }, { name: "FreeBSD-SA-13:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01016", }, { name: "oval:org.mitre.oval:def:19561", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", }, { name: "FEDORA-2013-13831", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html", }, { name: "54207", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54207", }, { name: "openSUSE-SU-2013:1354", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT6536", }, { name: "isc-bind-cve20134854-dos(86004)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", }, { name: "20130806 [slackware-security] bind (SSA:2013-218-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html", }, { name: "RHSA-2013:1114", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1114.html", }, { name: "61479", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/61479", }, { name: "54323", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54323", }, { name: "SUSE-SU-2013:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", }, { name: "54211", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54211", }, { name: "USN-1910-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1910-1", }, { name: "DSA-2728", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2728", }, { name: "1028838", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1028838", }, { name: "RHSA-2013:1115", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1115.html", }, { name: "SSRT101281", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { name: "54432", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54432", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-07-26T00:00:00", descriptions: [ { lang: "en", value: "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-28T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FEDORA-2013-13863", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html", }, { name: "HPSBUX02926", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01015", }, { name: "APPLE-SA-2014-10-16-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", }, { name: "54134", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54134", }, { name: "MDVSA-2013:202", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1244", }, { name: "54185", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54185", }, { name: "FreeBSD-SA-13:07", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01016", }, { name: "oval:org.mitre.oval:def:19561", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561", }, { tags: [ "x_refsource_MISC", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", }, { name: "FEDORA-2013-13831", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html", }, { name: "54207", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54207", }, { name: "openSUSE-SU-2013:1354", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT6536", }, { name: "isc-bind-cve20134854-dos(86004)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004", }, { tags: [ "x_refsource_MISC", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", }, { name: "20130806 [slackware-security] bind (SSA:2013-218-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html", }, { name: "RHSA-2013:1114", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1114.html", }, { name: "61479", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/61479", }, { name: "54323", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54323", }, { name: "SUSE-SU-2013:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", }, { name: "54211", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54211", }, { name: "USN-1910-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1910-1", }, { name: "DSA-2728", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2013/dsa-2728", }, { name: "1028838", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1028838", }, { name: "RHSA-2013:1115", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1115.html", }, { name: "SSRT101281", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { name: "54432", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54432", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-4854", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2013-13863", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html", }, { name: "HPSBUX02926", refsource: "HP", url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { name: "https://kb.isc.org/article/AA-01015", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01015", }, { name: "APPLE-SA-2014-10-16-3", refsource: "APPLE", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", }, { name: "54134", refsource: "SECUNIA", url: "http://secunia.com/advisories/54134", }, { name: "MDVSA-2013:202", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1244", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1244", }, { name: "54185", refsource: "SECUNIA", url: "http://secunia.com/advisories/54185", }, { name: "FreeBSD-SA-13:07", refsource: "FREEBSD", url: "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc", }, { name: "https://kb.isc.org/article/AA-01016", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01016", }, { name: "oval:org.mitre.oval:def:19561", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", refsource: "MISC", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", }, { name: "FEDORA-2013-13831", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html", }, { name: "54207", refsource: "SECUNIA", url: "http://secunia.com/advisories/54207", }, { name: "openSUSE-SU-2013:1354", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", }, { name: "https://support.apple.com/kb/HT6536", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT6536", }, { name: "isc-bind-cve20134854-dos(86004)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004", }, { name: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", refsource: "MISC", url: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", }, { name: "20130806 [slackware-security] bind (SSA:2013-218-01)", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html", }, { name: "RHSA-2013:1114", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1114.html", }, { name: "61479", refsource: "BID", url: "http://www.securityfocus.com/bid/61479", }, { name: "54323", refsource: "SECUNIA", url: "http://secunia.com/advisories/54323", }, { name: "SUSE-SU-2013:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", }, { name: "54211", refsource: "SECUNIA", url: "http://secunia.com/advisories/54211", }, { name: "USN-1910-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1910-1", }, { name: "DSA-2728", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2728", }, { name: "1028838", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1028838", }, { name: "RHSA-2013:1115", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1115.html", }, { name: "SSRT101281", refsource: "HP", url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { name: "54432", refsource: "SECUNIA", url: "http://secunia.com/advisories/54432", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-4854", datePublished: "2013-07-26T23:00:00", dateReserved: "2013-07-16T00:00:00", dateUpdated: "2024-08-06T16:59:39.290Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1509
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "66425", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66425", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "66425", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66425", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1509", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "66425", refsource: "BID", url: "http://www.securityfocus.com/bid/66425", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1509", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.199Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1511
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "66207", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66207", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "66207", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66207", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1511", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "66207", refsource: "BID", url: "http://www.securityfocus.com/bid/66207", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1511", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-5618
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:15:21.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-5618", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", }, { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-5618", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-08-26T00:00:00", dateUpdated: "2024-08-06T17:15:21.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1493
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.268Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", }, { name: "66412", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66412", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", }, { name: "66412", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66412", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1493", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", }, { name: "66412", refsource: "BID", url: "http://www.securityfocus.com/bid/66412", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1493", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.268Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1482
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102868", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102868", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { name: "firefox-cve20141482-code-exec(90894)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, { name: "65328", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65328", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102868", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102868", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { name: "firefox-cve20141482-code-exec(90894)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, { name: "65328", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65328", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1482", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", refsource: "SECUNIA", url: "http://secunia.com/advisories/56922", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102868", refsource: "OSVDB", url: "http://osvdb.org/102868", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "firefox-cve20141482-code-exec(90894)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, { name: "65328", refsource: "BID", url: "http://www.securityfocus.com/bid/65328", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1482", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-5609
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:15:21.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-5609", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", }, { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", }, { name: "RHSA-2013:1812", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-5609", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-08-26T00:00:00", dateUpdated: "2024-08-06T17:15:21.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-3340
Vulnerability from cvelistv5
Published
2015-04-28 14:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.338Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xenbits.xen.org/xsa/advisory-132.html", }, { name: "FEDORA-2015-6569", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html", }, { name: "SUSE-SU-2015:0923", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "74248", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74248", }, { name: "1032158", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032158", }, { name: "DSA-3414", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3414", }, { name: "FEDORA-2015-6583", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html", }, { name: "SUSE-SU-2015:0927", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { name: "GLSA-201604-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201604-03", }, { name: "FEDORA-2015-6670", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html", }, { name: "openSUSE-SU-2015:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-20T00:00:00", descriptions: [ { lang: "en", value: "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://xenbits.xen.org/xsa/advisory-132.html", }, { name: "FEDORA-2015-6569", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html", }, { name: "SUSE-SU-2015:0923", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "74248", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74248", }, { name: "1032158", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032158", }, { name: "DSA-3414", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3414", }, { name: "FEDORA-2015-6583", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html", }, { name: "SUSE-SU-2015:0927", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { name: "GLSA-201604-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201604-03", }, { name: "FEDORA-2015-6670", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html", }, { name: "openSUSE-SU-2015:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3340", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://xenbits.xen.org/xsa/advisory-132.html", refsource: "CONFIRM", url: "http://xenbits.xen.org/xsa/advisory-132.html", }, { name: "FEDORA-2015-6569", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html", }, { name: "SUSE-SU-2015:0923", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { name: "74248", refsource: "BID", url: "http://www.securityfocus.com/bid/74248", }, { name: "1032158", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032158", }, { name: "DSA-3414", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3414", }, { name: "FEDORA-2015-6583", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html", }, { name: "SUSE-SU-2015:0927", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { name: "GLSA-201604-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201604-03", }, { name: "FEDORA-2015-6670", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html", }, { name: "openSUSE-SU-2015:0983", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3340", datePublished: "2015-04-28T14:00:00", dateReserved: "2015-04-20T00:00:00", dateUpdated: "2024-08-06T05:47:57.338Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1481
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.868Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "65326", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65326", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "102863", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102863", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "firefox-cve20141481-sec-bypass(90883)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "65326", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65326", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "102863", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102863", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "firefox-cve20141481-sec-bypass(90883)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1481", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "65326", refsource: "BID", url: "http://www.securityfocus.com/bid/65326", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", refsource: "SECUNIA", url: "http://secunia.com/advisories/56922", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "102863", refsource: "OSVDB", url: "http://osvdb.org/102863", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "firefox-cve20141481-sec-bypass(90883)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1481", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-1864
Vulnerability from cvelistv5
Published
2014-05-23 14:00
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/52659 | third-party-advisory, x_refsource_SECUNIA | |
| https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/82885 | vdb-entry, x_refsource_XF | |
| http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html | vendor-advisory, x_refsource_FEDORA | |
| http://osvdb.org/91439 | vdb-entry, x_refsource_OSVDB | |
| http://seclists.org/oss-sec/2013/q1/674 | mailing-list, x_refsource_MLIST | |
| http://sourceforge.net/p/opalvoip/code/28856 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/58520 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:20:35.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "52659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52659", }, { name: "SUSE-SU-2014:0237", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html", }, { name: "ptlib-xml-dos(82885)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available", }, { name: "FEDORA-2013-2998", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html", }, { name: "91439", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/91439", }, { name: "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2013/q1/674", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/p/opalvoip/code/28856", }, { name: "58520", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/58520", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-12T00:00:00", descriptions: [ { lang: "en", value: "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "52659", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52659", }, { name: "SUSE-SU-2014:0237", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html", }, { name: "ptlib-xml-dos(82885)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available", }, { name: "FEDORA-2013-2998", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html", }, { name: "91439", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/91439", }, { name: "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2013/q1/674", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/p/opalvoip/code/28856", }, { name: "58520", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/58520", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-1864", datePublished: "2014-05-23T14:00:00", dateReserved: "2013-02-19T00:00:00", dateUpdated: "2024-08-06T15:20:35.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1510
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66206", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66206", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66206", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66206", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1510", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "66206", refsource: "BID", url: "http://www.securityfocus.com/bid/66206", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1510", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.189Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5753
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2024-09-16 22:24
Severity ?
EPSS score ?
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Most Modern Operating Systems |
Version: All |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:11:48.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", }, { name: "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html", }, { name: "DSA-4187", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4187", }, { name: "USN-3542-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3542-2/", }, { name: "GLSA-201810-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201810-06", }, { name: "USN-3540-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3540-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", }, { name: "USN-3597-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3597-1/", }, { name: "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html", }, { name: "SUSE-SU-2018:0012", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html", }, { name: "SUSE-SU-2018:0011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-002", }, { name: "USN-3580-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3580-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K91229003", }, { name: "openSUSE-SU-2018:0022", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html", }, { name: "DSA-4188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "RHSA-2018:0292", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0292", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xenbits.xen.org/xsa/advisory-254.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180104-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.synology.com/support/security/Synology_SA_18_01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { name: "VU#584653", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/584653", }, { name: "VU#180049", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-003", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", }, { name: "USN-3549-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3549-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX231399", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://spectreattack.com/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", }, { name: "1040071", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040071", }, { name: "102371", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102371", }, { name: "USN-3597-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3597-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", }, { name: "SUSE-SU-2018:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html", }, { name: "USN-3540-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3540-1/", }, { name: "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel", }, { name: "USN-3516-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/usn/usn-3516-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", }, { name: "43427", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/43427/", }, { name: "USN-3541-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3541-1/", }, { name: "USN-3541-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3541-2/", }, { name: "USN-3542-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3542-1/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/solutions/LEN-18282", }, { name: "openSUSE-SU-2018:0023", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cdrdv2.intel.com/v1/dl/getContent/685359", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Most Modern Operating Systems", vendor: "Intel Corporation", versions: [ { status: "affected", version: "All", }, ], }, ], datePublic: "2018-01-03T00:00:00", descriptions: [ { lang: "en", value: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-19T17:48:07", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", }, { name: "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html", }, { name: "DSA-4187", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4187", }, { name: "USN-3542-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3542-2/", }, { name: "GLSA-201810-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201810-06", }, { name: "USN-3540-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3540-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", }, { name: "USN-3597-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3597-1/", }, { name: "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html", }, { name: "SUSE-SU-2018:0012", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html", }, { name: "SUSE-SU-2018:0011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", }, { tags: [ "x_refsource_MISC", ], url: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-002", }, { name: "USN-3580-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3580-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K91229003", }, { name: "openSUSE-SU-2018:0022", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html", }, { name: "DSA-4188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "RHSA-2018:0292", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0292", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xenbits.xen.org/xsa/advisory-254.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180104-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.synology.com/support/security/Synology_SA_18_01", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { name: "VU#584653", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/584653", }, { name: "VU#180049", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-003", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", }, { name: "USN-3549-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3549-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX231399", }, { tags: [ "x_refsource_MISC", ], url: "https://spectreattack.com/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", }, { name: "1040071", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040071", }, { name: "102371", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102371", }, { name: "USN-3597-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3597-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", }, { name: "SUSE-SU-2018:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html", }, { name: "USN-3540-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3540-1/", }, { name: "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel", }, { name: "USN-3516-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/usn/usn-3516-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", }, { name: "43427", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/43427/", }, { name: "USN-3541-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3541-1/", }, { name: "USN-3541-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3541-2/", }, { name: "USN-3542-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3542-1/", }, { tags: [ "x_refsource_MISC", ], url: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/solutions/LEN-18282", }, { name: "openSUSE-SU-2018:0023", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cdrdv2.intel.com/v1/dl/getContent/685359", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-01-03T00:00:00", ID: "CVE-2017-5753", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Most Modern Operating Systems", version: { version_data: [ { version_value: "All", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", }, { name: "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html", }, { name: "DSA-4187", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4187", }, { name: "USN-3542-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3542-2/", }, { name: "GLSA-201810-06", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201810-06", }, { name: "USN-3540-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3540-2/", }, { name: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", refsource: "CONFIRM", url: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", }, { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", refsource: "CONFIRM", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", }, { name: "USN-3597-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3597-1/", }, { name: "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html", }, { name: "SUSE-SU-2018:0012", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html", }, { name: "SUSE-SU-2018:0011", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", }, { name: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", refsource: "MISC", url: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", }, { name: "https://cert.vde.com/en-us/advisories/vde-2018-002", refsource: "CONFIRM", url: "https://cert.vde.com/en-us/advisories/vde-2018-002", }, { name: "USN-3580-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3580-1/", }, { name: "https://support.f5.com/csp/article/K91229003", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K91229003", }, { name: "openSUSE-SU-2018:0022", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html", }, { name: "DSA-4188", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "RHSA-2018:0292", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0292", }, { name: "http://xenbits.xen.org/xsa/advisory-254.html", refsource: "CONFIRM", url: "http://xenbits.xen.org/xsa/advisory-254.html", }, { name: "https://security.netapp.com/advisory/ntap-20180104-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180104-0001/", }, { name: "https://www.synology.com/support/security/Synology_SA_18_01", refsource: "CONFIRM", url: "https://www.synology.com/support/security/Synology_SA_18_01", }, { name: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", }, { name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", refsource: "CONFIRM", url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", }, { name: "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { name: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", refsource: "CONFIRM", url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { name: "VU#584653", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/584653", }, { name: "VU#180049", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/180049", }, { name: "https://cert.vde.com/en-us/advisories/vde-2018-003", refsource: "CONFIRM", url: "https://cert.vde.com/en-us/advisories/vde-2018-003", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", }, { name: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", refsource: "CONFIRM", url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", }, { name: "USN-3549-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3549-1/", }, { name: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", refsource: "CONFIRM", url: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", }, { name: "https://support.citrix.com/article/CTX231399", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX231399", }, { name: "https://spectreattack.com/", refsource: "MISC", url: "https://spectreattack.com/", }, { name: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", refsource: "CONFIRM", url: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", }, { name: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", refsource: "CONFIRM", url: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", }, { name: "1040071", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040071", }, { name: "102371", refsource: "BID", url: "http://www.securityfocus.com/bid/102371", }, { name: "USN-3597-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3597-2/", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", }, { name: "SUSE-SU-2018:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html", }, { name: "USN-3540-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3540-1/", }, { name: "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel", }, { name: "USN-3516-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/usn/usn-3516-1/", }, { name: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", refsource: "CONFIRM", url: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", }, { name: "43427", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/43427/", }, { name: "USN-3541-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3541-1/", }, { name: "USN-3541-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3541-2/", }, { name: "USN-3542-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3542-1/", }, { name: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", refsource: "MISC", url: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", }, { name: "https://support.lenovo.com/us/en/solutions/LEN-18282", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/solutions/LEN-18282", }, { name: "openSUSE-SU-2018:0023", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "20190624 [SECURITY] [DSA 4469-1] libvirt security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/36", }, { name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", refsource: "CONFIRM", url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { name: "https://cdrdv2.intel.com/v1/dl/getContent/685359", refsource: "CONFIRM", url: "https://cdrdv2.intel.com/v1/dl/getContent/685359", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2017-5753", datePublished: "2018-01-04T13:00:00Z", dateReserved: "2017-02-01T00:00:00", dateUpdated: "2024-09-16T22:24:53.960Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-6673
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:46:22.836Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "64213", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/64213", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "64213", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/64213", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-6673", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "64213", refsource: "BID", url: "http://www.securityfocus.com/bid/64213", }, { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", }, { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-6673", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-11-05T00:00:00", dateUpdated: "2024-08-06T17:46:22.836Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-5616
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:15:21.432Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-5616", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-5616", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-08-26T00:00:00", dateUpdated: "2024-08-06T17:15:21.432Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3951
Vulnerability from cvelistv5
Published
2016-05-02 10:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3004-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3004-1", }, { name: "USN-3001-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3001-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "SUSE-SU-2016:1696", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", }, { name: "USN-3021-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3021-2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "SUSE-SU-2016:1764", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", }, { name: "USN-3000-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3000-1", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "91028", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91028", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036763", }, { name: "USN-3002-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3002-1", }, { name: "USN-3021-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3021-1", }, { name: "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/06/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "USN-2989-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2989-1", }, { name: "[netdev] 20160304 Re: Possible double-free in the usbnet driver", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.spinics.net/lists/netdev/msg367669.html", }, { name: "openSUSE-SU-2016:1382", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html", }, { name: "USN-3003-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3003-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "USN-2998-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2998-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-04T00:00:00", descriptions: [ { lang: "en", value: "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-12T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3004-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3004-1", }, { name: "USN-3001-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3001-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "SUSE-SU-2016:1696", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", }, { name: "USN-3021-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3021-2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "SUSE-SU-2016:1764", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", }, { name: "USN-3000-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3000-1", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "91028", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91028", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036763", }, { name: "USN-3002-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3002-1", }, { name: "USN-3021-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3021-1", }, { name: "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/06/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "USN-2989-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2989-1", }, { name: "[netdev] 20160304 Re: Possible double-free in the usbnet driver", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.spinics.net/lists/netdev/msg367669.html", }, { name: "openSUSE-SU-2016:1382", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html", }, { name: "USN-3003-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3003-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "USN-2998-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2998-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3951", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1690", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "USN-3004-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3004-1", }, { name: "USN-3001-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3001-1", }, { name: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", refsource: "CONFIRM", url: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "SUSE-SU-2016:1696", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", }, { name: "USN-3021-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3021-2", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", refsource: "CONFIRM", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "SUSE-SU-2016:1764", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", }, { name: "USN-3000-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3000-1", }, { name: "DSA-3607", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "91028", refsource: "BID", url: "http://www.securityfocus.com/bid/91028", }, { name: "1036763", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036763", }, { name: "USN-3002-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3002-1", }, { name: "USN-3021-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3021-1", }, { name: "[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/06/4", }, { name: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", refsource: "CONFIRM", url: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", }, { name: "USN-2989-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2989-1", }, { name: "[netdev] 20160304 Re: Possible double-free in the usbnet driver", refsource: "MLIST", url: "https://www.spinics.net/lists/netdev/msg367669.html", }, { name: "openSUSE-SU-2016:1382", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html", }, { name: "USN-3003-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3003-1", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", refsource: "CONFIRM", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", }, { name: "USN-2998-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2998-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3951", datePublished: "2016-05-02T10:00:00", dateReserved: "2016-04-05T00:00:00", dateUpdated: "2024-08-06T00:10:31.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1486
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.212Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102872", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102872", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "65334", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65334", }, { name: "firefox-cve20141486-code-exec(90890)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102872", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102872", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "65334", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65334", }, { name: "firefox-cve20141486-code-exec(90890)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1486", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", refsource: "SECUNIA", url: "http://secunia.com/advisories/56922", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "102872", refsource: "OSVDB", url: "http://osvdb.org/102872", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "65334", refsource: "BID", url: "http://www.securityfocus.com/bid/65334", }, { name: "firefox-cve20141486-code-exec(90890)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1486", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.212Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4419
Vulnerability from cvelistv5
Published
2013-11-05 20:00
Modified
2024-08-06 16:45
Severity ?
EPSS score ?
Summary
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1536.html | vendor-advisory, x_refsource_REDHAT | |
| http://secunia.com/advisories/55813 | third-party-advisory, x_refsource_SECUNIA | |
| https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1016960 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.194Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:1536", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1536.html", }, { name: "55813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/55813", }, { name: "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish's network socket", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", }, { name: "SUSE-SU-2013:1626", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-10-17T00:00:00", descriptions: [ { lang: "en", value: "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-12-07T20:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:1536", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1536.html", }, { name: "55813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/55813", }, { name: "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish's network socket", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", }, { name: "SUSE-SU-2013:1626", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4419", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2013:1536", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1536.html", }, { name: "55813", refsource: "SECUNIA", url: "http://secunia.com/advisories/55813", }, { name: "[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish's network socket", refsource: "MLIST", url: "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", }, { name: "SUSE-SU-2013:1626", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4419", datePublished: "2013-11-05T20:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:45:14.194Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-6671
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:46:22.682Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "64212", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/64212", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "64212", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/64212", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-6671", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "64212", refsource: "BID", url: "http://www.securityfocus.com/bid/64212", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", }, { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", }, { name: "RHSA-2013:1812", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-6671", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-11-05T00:00:00", dateUpdated: "2024-08-06T17:46:22.682Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-8845
Vulnerability from cvelistv5
Published
2016-04-27 17:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:29:22.035Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/13/1", }, { name: "RHSA-2016:2584", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html", }, { name: "RHSA-2016:2574", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html", }, { name: "1035594", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035594", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-31T00:00:00", descriptions: [ { lang: "en", value: "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/13/1", }, { name: "RHSA-2016:2584", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html", }, { name: "RHSA-2016:2574", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html", }, { name: "1035594", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035594", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8845", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1690", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", refsource: "CONFIRM", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", refsource: "CONFIRM", url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", }, { name: "openSUSE-SU-2016:2184", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler.", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/13/1", }, { name: "RHSA-2016:2584", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html", }, { name: "RHSA-2016:2574", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html", }, { name: "1035594", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035594", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", }, { name: "SUSE-SU-2016:2105", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", refsource: "CONFIRM", url: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { name: "SUSE-SU-2016:1937", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8845", datePublished: "2016-04-27T17:00:00", dateReserved: "2016-04-13T00:00:00", dateUpdated: "2024-08-06T08:29:22.035Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1514
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.390Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", }, { name: "66240", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66240", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", }, { name: "66240", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66240", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1514", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", }, { name: "66240", refsource: "BID", url: "http://www.securityfocus.com/bid/66240", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1514", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.390Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1487
Vulnerability from cvelistv5
Published
2014-02-06 02:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:35.982Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029717", }, { name: "65330", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65330", }, { name: "mozilla-cve20141487-info-disc(90889)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "102873", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/102873", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/56706", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-04T00:00:00", descriptions: [ { lang: "en", value: "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-02T19:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { name: "USN-2119-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", }, { name: "1029717", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029717", }, { name: "65330", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65330", }, { name: "mozilla-cve20141487-info-disc(90889)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56922", }, { name: "56787", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56787", }, { name: "1029720", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "102873", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/102873", }, { name: "RHSA-2014:0133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56767", }, { name: "56706", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/56706", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1487", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2119-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2119-1", }, { name: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { name: "1029721", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029721", }, { name: "openSUSE-SU-2014:0212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", }, { name: "1029717", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029717", }, { name: "65330", refsource: "BID", url: "http://www.securityfocus.com/bid/65330", }, { name: "mozilla-cve20141487-info-disc(90889)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889", }, { name: "https://8pecxstudios.com/?page_id=44080", refsource: "CONFIRM", url: "https://8pecxstudios.com/?page_id=44080", }, { name: "RHSA-2014:0132", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { name: "56922", refsource: "SECUNIA", url: "http://secunia.com/advisories/56922", }, { name: "56787", refsource: "SECUNIA", url: "http://secunia.com/advisories/56787", }, { name: "1029720", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029720", }, { name: "56858", refsource: "SECUNIA", url: "http://secunia.com/advisories/56858", }, { name: "DSA-2858", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2858", }, { name: "56763", refsource: "SECUNIA", url: "http://secunia.com/advisories/56763", }, { name: "USN-2102-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-2", }, { name: "102873", refsource: "OSVDB", url: "http://osvdb.org/102873", }, { name: "RHSA-2014:0133", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", refsource: "CONFIRM", url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { name: "56888", refsource: "SECUNIA", url: "http://secunia.com/advisories/56888", }, { name: "FEDORA-2014-2083", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "56761", refsource: "SECUNIA", url: "http://secunia.com/advisories/56761", }, { name: "FEDORA-2014-2041", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { name: "SUSE-SU-2014:0248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { name: "openSUSE-SU-2014:0213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { name: "USN-2102-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2102-1", }, { name: "56767", refsource: "SECUNIA", url: "http://secunia.com/advisories/56767", }, { name: "56706", refsource: "SECUNIA", url: "http://secunia.com/advisories/56706", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1487", datePublished: "2014-02-06T02:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:35.982Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1496
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=925747 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201504-01 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html | vendor-advisory, x_refsource_SUSE | |
| http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | x_refsource_CONFIRM | |
| http://www.mozilla.org/security/announce/2014/mfsa2014-16.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.129Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1496", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1496", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.129Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-1513
Vulnerability from cvelistv5
Published
2014-03-19 10:00
Modified
2024-08-06 09:42
Severity ?
EPSS score ?
Summary
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:42:36.222Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "66203", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66203", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-18T00:00:00", descriptions: [ { lang: "en", value: "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T17:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", }, { name: "RHSA-2014:0310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "66203", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66203", }, { name: "DSA-2911", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", }, { name: "openSUSE-SU-2014:0419", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2014-1513", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", }, { name: "RHSA-2014:0310", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { name: "66203", refsource: "BID", url: "http://www.securityfocus.com/bid/66203", }, { name: "DSA-2911", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2911", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "SUSE-SU-2014:0418", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "USN-2151-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2151-1", }, { name: "DSA-2881", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2881", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", }, { name: "openSUSE-SU-2014:0419", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { name: "RHSA-2014:0316", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { name: "openSUSE-SU-2014:0584", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { name: "openSUSE-SU-2014:0448", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2014-1513", datePublished: "2014-03-19T10:00:00", dateReserved: "2014-01-16T00:00:00", dateUpdated: "2024-08-06T09:42:36.222Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-5613
Vulnerability from cvelistv5
Published
2013-12-11 15:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:15:21.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029470", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-10T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", shortName: "mozilla", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", }, { name: "openSUSE-SU-2013:1958", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", }, { name: "openSUSE-SU-2013:1957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029470", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", }, { name: "openSUSE-SU-2013:1917", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@mozilla.org", ID: "CVE-2013-5613", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", refsource: "CONFIRM", url: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", }, { name: "openSUSE-SU-2013:1958", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { name: "SUSE-SU-2013:1919", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", }, { name: "openSUSE-SU-2013:1957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { name: "FEDORA-2013-23127", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { name: "FEDORA-2013-23519", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { name: "1029470", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029470", }, { name: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", refsource: "CONFIRM", url: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", }, { name: "openSUSE-SU-2013:1917", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { name: "openSUSE-SU-2013:1959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { name: "GLSA-201504-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-01", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2013:1916", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { name: "openSUSE-SU-2014:0008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { name: "1029476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1029476", }, { name: "openSUSE-SU-2013:1918", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { name: "FEDORA-2013-23291", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { name: "USN-2052-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2052-1", }, { name: "RHSA-2013:1812", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { name: "USN-2053-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2053-1", }, { name: "FEDORA-2013-23295", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe", assignerShortName: "mozilla", cveId: "CVE-2013-5613", datePublished: "2013-12-11T15:00:00", dateReserved: "2013-08-26T00:00:00", dateUpdated: "2024-08-06T17:15:21.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:-:*:*:*", matchCriteriaId: "A3E8BD00-CF9C-404F-A25C-8917A001A6D2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.", }, { lang: "es", value: "L función nsGfxScrollFrameInner::IsLTR en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anteriores a 24.2, Thunderbird anteriores a 24.2, y SeaMonkey anteriores a 2.23 permite a atacantes remotos ejecutar código de forma arbitraria a través del uso de código JavaScript manipulado para listas ordenadas de elementos.", }, ], id: "CVE-2013-6671", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:13.120", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64212", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-111.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64212", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930281", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la función imgRequestProxy en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos ejecutar código arbitrario a través de vectores involucrando valores Content-Type no especificados para datos de imagen.", }, ], id: "CVE-2014-1486", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:24.987", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102872", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65334", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102872", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=942164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.", }, { lang: "es", value: "Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 podría permitir a usuarios locales ganar privilegios mediante la modificación de los contenidos Mar extraídos durante una actualización.", }, ], id: "CVE-2014-1496", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.303", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-16.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925747", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-02 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "01E6CAD9-DC1F-4C7C-8C8E-98E4BFABAC94", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", matchCriteriaId: "3C171088-A361-4950-A397-BB4FD83DBB68", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12:*:*:*:*:*:*:*", matchCriteriaId: "41BB6157-21C1-43AF-9468-2E49D9BEFEAD", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "BCEA3D62-99E0-48F9-A0CF-981BF28A509D", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*", matchCriteriaId: "CCAAE4A1-D542-43F3-B7FC-685BCDB248D5", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*", matchCriteriaId: "0441632F-40BF-432B-BB1C-6396C726C4F6", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5AB3CAA1-C20C-4A86-841E-EC0858164D7D", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", matchCriteriaId: "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "81D94366-47D6-445A-A811-39327B150FCD", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*", matchCriteriaId: "DF461FB4-8BA5-4065-9A69-DC017D3611C3", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "1F003591-0639-476C-A014-03F06A274880", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:4.5.0:rc7:*:*:*:*:*:*", matchCriteriaId: "74D8F1E1-5953-48EB-A3FB-218ACA871E9A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.", }, { lang: "es", value: "Vulnerabilidad de liberación de memoria doble en drivers/net/usb/cdc_ncm.c en el kernel de Linux en versiones anteriores a 4.5 permite a atacantes físicamente próximos provocar una denegación de servicio (caída de sistema) o posiblemente tener otro impacto no especificado insertando un dispositivo USB con un descriptor USB no válido.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/415.html\">CWE-415: Double Free</a>", id: "CVE-2016-3951", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-02T10:59:41.490", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/04/06/4", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/91028", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1036763", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2989-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2998-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3000-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3001-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3002-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3003-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3004-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3021-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3021-2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", }, { source: "cve@mitre.org", url: "https://www.spinics.net/lists/netdev/msg367669.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/04/06/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91028", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2989-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2998-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3000-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3001-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3002-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3003-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3004-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3021-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3021-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.spinics.net/lists/netdev/msg367669.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libguestfs | libguestfs | * | |
| libguestfs | libguestfs | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*", matchCriteriaId: "FEDCD7E8-EB02-4686-8217-017306C55D52", versionEndIncluding: "1.20.12", versionStartIncluding: "1.20.0", vulnerable: true, }, { criteria: "cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*", matchCriteriaId: "78562C81-E443-418F-BD73-29CA55F6F098", versionEndIncluding: "1.22.7", versionStartIncluding: "1.22.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "623DB4CD-8CB3-445A-B9B5-1238CF195235", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.", }, { lang: "es", value: "El comando guestfish en libguestfs 1.20.12, 1.22.7 y anteriores versiones, cuando se usa la opción --remote o --listen, no comprueba adecuadamente la propiedad de /tmp/.guestfish-$UID/ al crear un archivo de socket temporal en este directorio, lo que permite a usuarios locales escribir en el socket y ejecutar comandos arbitrarios mediante la creación de /tmp/.guestfish-$UID/ por adelantado.", }, ], id: "CVE-2013-4419", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.2, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T20:55:29.397", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1536.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55813", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1536.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1016960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | solaris | 11.3 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "E534C201-BCC5-473C-AAA7-AAB97CEB5437", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.", }, { lang: "es", value: "Mozilla Firefox anterior a 27.0 y SeaMonkey anterior a 2.24 permiten a atacantes remotos evadir Same Origin Policy y obtener información sensible usando un elemento IFRAME en conjunción con ciertas medidas de tiempo involucrando las funciones document.caretPositionFromPoint y document.elementFromPoint.", }, ], id: "CVE-2014-1483", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-02-06T05:44:24.910", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102869", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65316", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-05.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-1021", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.", }, { lang: "es", value: "La función libxul.so!gfxContext::Polygon en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos obtener información sensible de la memoria de procesos, causar una denegación de servicio (lectura fuera de rango y caída de aplicación), o posiblemente evadir Same Origin Policy a través de vectores involucrando la renderización de polígono MathML.\n", }, ], id: "CVE-2014-1508", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.567", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66426", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66426", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963198", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la clase TypeObject en el motor JavaScript en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento del consumo de memoria extensivo mientras la recolección de basura está ocurriendo.", }, ], id: "CVE-2014-1512", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-03-19T10:55:06.660", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66209", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66209", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982957", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-28 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.2.4 | |
| xen | xen | 4.2.5 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.3.2 | |
| xen | xen | 4.3.3 | |
| xen | xen | 4.3.4 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.4.2 | |
| xen | xen | 4.5.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "47640819-FC43-49ED-8A77-728C3D7255B3", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "2448537F-87AD-45C1-9FB0-7A49CA31BD76", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E36B2265-70E1-413B-A7CF-79D39E9ADCFB", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*", matchCriteriaId: "37148A72-BE20-45C5-8589-2309ED84D08C", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*", matchCriteriaId: "FB736B4C-325A-4B27-8C8A-15E60B8A8C82", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*", matchCriteriaId: "BF948E6A-07BE-4C7D-8A98-002E89D35F4D", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "C0E23B94-1726-4F63-84BB-8D83FAB156D7", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "F30B5EF5-0AE8-420B-A103-B1B25A372F09", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "F784EF07-DBEC-492A-A0F4-F9F7B2551A0B", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*", matchCriteriaId: "1044792C-D544-457C-9391-4F3B5BAB978D", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "FBD9AD01-50B7-4951-8A73-A6CF4801A487", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D", vulnerable: true, }, { criteria: "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*", matchCriteriaId: "90CCECD0-C0F9-45A8-8699-64428637EBCA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "777F6902-6EFA-482A-9A17-48DA5BDDB9CD", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "7F622F0E-8D17-47E8-8F3C-A640C21544E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", matchCriteriaId: "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.", }, { lang: "es", value: "Xen 4.2.x hasta 4.5.x no inicializa ciertos campos, lo que permite a ciertos dominios de servicio remotos obtener información sensible de la memoria a través de una solicitud (1) XEN_DOMCTL_gettscinfo o (2) XEN_SYSCTL_getdomaininfolist.", }, ], id: "CVE-2015-3340", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-28T14:59:02.560", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3414", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/74248", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032158", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-132.html", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201604-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3414", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/74248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201604-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.", }, { lang: "es", value: "Vulnerabilidad de uso despues de liberación en la función nsNodeUtils::LastRelease en la interfaz de usuario en el editor de componentes en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario mediante la activación inadecuada de la recolección de basura .", }, ], id: "CVE-2013-5618", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:13.013", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-109.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=926361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.", }, { lang: "es", value: "La implementación de Web workers en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos evadir Same Origin Policy y obtener información sensible de autenticación a través de vectores que involucran mensajes de error.", }, ], id: "CVE-2014-1487", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:25.017", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102873", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65330", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=947592", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90889", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-346", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-11-21 12:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| mozilla | thunderbird_esr | * | |
| apple | mac_os_x | - | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.3 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.3 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.1 | |
| opensuse | opensuse | 12.2 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "23C27B04-A1E0-4930-AF63-E2B1E57F75BE", versionEndExcluding: "17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "46BBBC83-F777-4899-9F6A-094CDD9CFF0F", versionEndExcluding: "10.0.11", versionStartIncluding: "10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D9DEF1D7-9412-4632-A689-AFD71FEFACC0", versionEndExcluding: "2.14", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "61E5E742-2A0F-4483-A784-EACBEE1DF267", versionEndExcluding: "17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "828E00D1-8F2A-43AF-93DB-B1985CE68A8A", versionEndExcluding: "10.0.11", versionStartIncluding: "10.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", matchCriteriaId: "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", matchCriteriaId: "8382A145-CDD9-437E-9DE7-A349956778B3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*", matchCriteriaId: "413CC30E-5FFE-47A4-B38B-80E3A9B13238", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*", matchCriteriaId: "78BEBD36-7BD1-4686-BF9A-60B85EBF6A80", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", matchCriteriaId: "01EDA41C-6B2E-49AF-B503-EB3882265C11", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", matchCriteriaId: "E4174F4F-149E-41A6-BBCC-D01114C05F38", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", matchCriteriaId: "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", matchCriteriaId: "F5FE6906-1A69-4197-A8D6-C75E1A163FD4", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", matchCriteriaId: "C08546E6-4C6A-4044-BEBA-AC2B75EF2693", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp4:*:*:*:*:*:*", matchCriteriaId: "EA2807B4-C30A-4C95-98E8-2AA9F5723684", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:*:*:*", matchCriteriaId: "B94190DE-DF41-4202-B513-DE3ABDED35FE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:-:*:*", matchCriteriaId: "12ED70E0-7F26-4909-9D90-B5D880178526", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", matchCriteriaId: "78651AEE-E88E-40CB-8A17-09E95C822AF6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en Mozilla Firefox antes de 17.0, Firefox ESR 10.x antes de 10.0.11, Thunderbird antes de 17.0, Thunderbird ESR 10.x antes de 10.0.11, y SeaMonkey antes de 2.14 en Mac OS X permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML.", }, ], id: "CVE-2012-5830", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2012-11-21T12:55:03.290", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://osvdb.org/87598", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1482.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1483.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51359", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51360", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51369", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51370", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51381", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51434", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51439", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51440", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1636-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-3", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/87598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1482.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1483.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51359", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51360", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51370", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/51440", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1636-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-1638-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=775228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80183", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.", }, { lang: "es", value: "Desbordamiento de buffer en la función _cairo_truetype_index_to_ucs4 en cairo, utilizado en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25, permite a atacantes remotos ejecutar código arbitrario a través de una extensión manipulada que renderiza fuentes en un documento PDF.", }, ], id: "CVE-2014-1509", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.600", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66425", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66425", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966021", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.", }, { lang: "es", value: "La función mozilla::WaveReader::DecodeAudioData en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos obtener información sensible de memoria dinámica de procesos, causar una denegación de servicio (lectura fuera de rango y caída de aplicación), o posiblemente tener otro impacto no especificado a través de un archivo WAV manipulado.", }, ], id: "CVE-2014-1497", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.333", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66423", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=966311", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, { lang: "es", value: "Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos.", }, ], id: "CVE-2014-1477", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:24.393", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102864", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65317", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux_enterprise_desktop | 11 | |
| novell | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "BD55EF8A-A5D3-4800-9737-3C4D63FF8058", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "623DB4CD-8CB3-445A-B9B5-1238CF195235", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", matchCriteriaId: "103582CB-029E-4201-B391-897B49BE8DDD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "88026F8E-06D9-4B34-89CF-C01E2486961D", versionEndIncluding: "5.6.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y versiones anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : InnoDB, una vulnerabilidad diferente a CVE-2015-4756.", }, ], id: "CVE-2015-0439", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-16T16:59:04.577", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "secalert_us@oracle.com", url: "http://www.securityfocus.com/bid/74085", }, { source: "secalert_us@oracle.com", url: "http://www.securitytracker.com/id/1032121", }, { source: "secalert_us@oracle.com", url: "https://security.gentoo.org/glsa/201507-19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201507-19", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-27 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*", matchCriteriaId: "99A38379-DBD3-4BF6-9A8F-95A3F553AD02", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", matchCriteriaId: "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", matchCriteriaId: "18D823E3-E1F3-4A15-A9C7-1AB61C1B6703", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*", matchCriteriaId: "AD1AEFA5-9D43-4DD2-9088-7B37D5F220C4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "CF719D1A-AA3A-42C9-9568-07DD4DB27A4B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", matchCriteriaId: "9DFA18B6-2642-470A-A350-68947529EE5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", matchCriteriaId: "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:opensuse_leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4C3C4A93-990D-4E77-B998-6AA045CE6187", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "D68314F2-4372-4215-8D5C-10A75BC8188D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "FC099084-12C9-4396-ABC7-F389CFAD871E", versionEndIncluding: "4.6.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.", }, { lang: "es", value: "La función rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versión 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener información sensible de la memoria de pila del kernel leyendo un mensaje RDS.", }, ], id: "CVE-2016-5244", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-27T10:59:11.157", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Technical Description", ], url: "http://www.openwall.com/lists/oss-security/2016/06/03/5", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/91021", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1041895", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3070-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3070-2", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3070-3", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3070-4", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3071-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3071-2", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3072-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-3072-2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://patchwork.ozlabs.org/patch/629110/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Technical Description", ], url: "http://www.openwall.com/lists/oss-security/2016/06/03/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91021", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1041895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3070-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3070-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3070-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3070-4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3071-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3071-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3072-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3072-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://patchwork.ozlabs.org/patch/629110/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | communications_policy_management | * | |
| oracle | communications_policy_management | 9.9.1 | |
| oracle | communications_policy_management | 10.4.1 | |
| oracle | communications_policy_management | 12.1.1 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*", matchCriteriaId: "733AAB26-D6B3-4892-9531-2427551A7843", versionEndIncluding: "9.7.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*", matchCriteriaId: "1C1B1DA1-CB11-42D6-9F28-C1588A7A7D45", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*", matchCriteriaId: "F696923E-E5AB-4473-B404-A6CCB33B6DB8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "AE69A446-E765-4141-83F6-B58EA7E3783A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "777F6902-6EFA-482A-9A17-48DA5BDDB9CD", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "7F622F0E-8D17-47E8-8F3C-A640C21544E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", matchCriteriaId: "103582CB-029E-4201-B391-897B49BE8DDD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "8CC19DE2-CDE4-4BB4-B2F8-4AA4BFED57BA", versionEndIncluding: "5.6.23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.23 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos.", }, ], id: "CVE-2015-0500", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-16T16:59:49.810", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "secalert_us@oracle.com", url: "http://www.securityfocus.com/bid/74081", }, { source: "secalert_us@oracle.com", url: "http://www.securitytracker.com/id/1032121", }, { source: "secalert_us@oracle.com", url: "https://security.gentoo.org/glsa/201507-19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74081", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201507-19", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.", }, { lang: "es", value: "vmtypedarrayobject.cpp en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 no valida la longitud del array de destino antes de una operación de copiar, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (escritura fuera de rango y caída de aplicación) mediante el aprovechamiento del uso incorrecto de la clase TypedArrayObject.\n", }, ], id: "CVE-2014-1514", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.723", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66240", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66240", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.", }, { lang: "es", value: "Vulnerabilidad de liberación despues de uso en la función PresShell :: DispatchSynthMouseMove en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x antes 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap) a través de vectores relacionados con el movimiento del ratón sintética, con la función RestyleManager :: GetHoverGeneration.", }, ], evaluatorComment: "CWE-416: Use After Free", id: "CVE-2013-5613", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:12.840", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-114.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=930381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=932449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-04 13:29
Modified
2025-01-14 19:29
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*", matchCriteriaId: "CD028C10-FD07-4206-A732-CCAC1B6D043D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2316:*:*:*:*:*:*:*", matchCriteriaId: "704FAA50-1B7D-4917-AC4A-4C58785340F1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2338:*:*:*:*:*:*:*", matchCriteriaId: "5C6B95D3-75BD-4826-BFBE-9701CC0FF052", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2350:*:*:*:*:*:*:*", matchCriteriaId: "F66E31A6-EA01-40C8-8718-CE2C1F45EEB8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2358:*:*:*:*:*:*:*", matchCriteriaId: "DBBE3B05-2063-49DE-A1D3-9D0A62E0CF5E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2508:*:*:*:*:*:*:*", matchCriteriaId: "022F2CBE-EFB1-4962-AC91-D25AAB057DAF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2516:*:*:*:*:*:*:*", matchCriteriaId: "69C05CD9-551B-46EE-85F8-D18FF878FE8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2518:*:*:*:*:*:*:*", matchCriteriaId: "2DCCB5A5-20E3-4EC5-956C-EA7C0F33A026", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2530:*:*:*:*:*:*:*", matchCriteriaId: "3C38C609-242E-4923-A81F-DAFBE7B6A927", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2538:*:*:*:*:*:*:*", matchCriteriaId: "2AEB08B5-7CBA-479A-A41B-FD8A6D9E0875", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2550:*:*:*:*:*:*:*", matchCriteriaId: "A8C4FDD7-F2EC-4EDB-ACC9-3D6B9152C855", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2558:*:*:*:*:*:*:*", matchCriteriaId: "8E51DD0B-1EED-4BE9-B0A7-BE2E91CCA84C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2718:*:*:*:*:*:*:*", matchCriteriaId: "D7AC7C56-2205-4121-99E2-001A7488E0FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2730:*:*:*:*:*:*:*", matchCriteriaId: "A1677313-FF8F-493B-9DA3-C78F87581A17", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2738:*:*:*:*:*:*:*", matchCriteriaId: "4B2A3CCE-FA57-43B5-B7DE-CFD0CC2ECD7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2750:*:*:*:*:*:*:*", matchCriteriaId: "85CA4444-5103-4451-8A7C-F6BBE714BBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c2758:*:*:*:*:*:*:*", matchCriteriaId: "FA1EB745-46D7-4088-93C6-E7156520B144", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*", matchCriteriaId: "A93010C0-33B3-438F-94F6-8DA7A9D7B451", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*", matchCriteriaId: "2A988A78-6B3D-4599-A85C-42B4A294D86D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*", matchCriteriaId: "1D7C5EF4-3A92-4AF7-9B11-62B4FFDC5128", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*", matchCriteriaId: "246AA1B0-B6C8-406B-817D-26113DC63858", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*", matchCriteriaId: "00EE5B42-FF05-447C-BACC-0E650E773E49", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*", matchCriteriaId: "B0779CC9-BD39-4E0B-B523-A6C69F9EBB0C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*", matchCriteriaId: "A1F0E3C4-7E9B-435F-907E-4BF4F12AF314", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*", matchCriteriaId: "5D616C72-0863-478C-9E87-3963C83B87E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*", matchCriteriaId: "CC333B0D-3A0E-4629-8016-68C060343874", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*", matchCriteriaId: "6655535C-FF64-4F9E-8168-253AABCC4F5D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*", matchCriteriaId: "B1EDEA1E-9A19-4B3F-806E-D770D1AB4C73", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*", matchCriteriaId: "BBD68F3F-7E38-40B9-A20B-B9BB45E8D042", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*", matchCriteriaId: "1EACEF19-83BC-4579-9274-BE367F914432", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*", matchCriteriaId: "1CC73291-AA6F-40B0-860A-1F2E6AB1E2AC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*", matchCriteriaId: "24128A7F-2B0B-4923-BA9E-9F5093D29423", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*", matchCriteriaId: "0990DD71-9E83-499D-9DAF-A466CF896CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*", matchCriteriaId: "9B7FEDEF-9772-4FB1-9261-020487A795AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*", matchCriteriaId: "FE7B0F72-DEDF-40C4-887C-83725C52C92E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*", matchCriteriaId: "9568C222-9816-4520-B01C-C1DC2A79002D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*", matchCriteriaId: "4B2F8FAD-1688-4369-BB4B-9FA9F30A80A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*", matchCriteriaId: "53A1F23D-7226-4479-B51F-36376CC80B04", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3130:*:*:*:*:*:*:*", matchCriteriaId: "BAB245C8-9918-41A0-9DFB-A11E4185C87A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3200rk:*:*:*:*:*:*:*", matchCriteriaId: "9990DD08-BD81-4BFA-B3D4-0DECBF8CCC54", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3205rk:*:*:*:*:*:*:*", matchCriteriaId: "F752A3C8-18ED-4765-B6EC-C664154EB701", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3230rk:*:*:*:*:*:*:*", matchCriteriaId: "B4F31C3F-7C0D-4D95-B4B9-89FD38076913", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3235rk:*:*:*:*:*:*:*", matchCriteriaId: "5BEEE36E-E735-4A33-80B7-9407D072F6BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3265rk:*:*:*:*:*:*:*", matchCriteriaId: "2CB3D3DE-21BE-40C7-A510-AC97C92390DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3295rk:*:*:*:*:*:*:*", matchCriteriaId: "0D9A9545-38A3-460D-AB1A-8B03BEB405A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3405:*:*:*:*:*:*:*", matchCriteriaId: "1860D932-777D-41F2-94A2-D14AB1494AA3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x3:c3445:*:*:*:*:*:*:*", matchCriteriaId: "75165A10-2FD5-4370-814C-B60FDE339AFF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*", matchCriteriaId: "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*", matchCriteriaId: "A2394E8C-58D9-480B-87A7-A41CD7697FC6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*", matchCriteriaId: "1B9AC02B-D3AE-4FAF-836E-55515186A462", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*", matchCriteriaId: "65AAC7A7-77CA-4C6C-BD96-92A253512F09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*", matchCriteriaId: "FCD16C07-0050-495A-8722-7AC46F5920F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*", matchCriteriaId: "01423706-C82C-4457-9638-1A2380DE3826", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*", matchCriteriaId: "A881E2D3-A668-465F-862B-F8C145BD5E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*", matchCriteriaId: "3E5B9B98-0EF0-4ACD-B378-F9DE5AB36CBB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*", matchCriteriaId: "4BDC6806-E4FC-4A6E-A6BB-88C18E47ABFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*", matchCriteriaId: "6602DD69-E59A-417D-B19F-CA16B01E652C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*", matchCriteriaId: "05C493EE-EF9F-47E2-8F88-86DF6C5F1FF9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*", matchCriteriaId: "40010DAE-DD1A-4A81-B6E9-EDC1B0DDCAB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*", matchCriteriaId: "ED96AC16-12CC-43F6-ACC8-009A06CDD8F5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*", matchCriteriaId: "2CE9DC29-C192-4553-AF29-D39290976F47", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*", matchCriteriaId: "F625E647-B47E-404C-9C5B-72F3EB1C46F5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*", matchCriteriaId: "E3AF3279-89E7-4C91-8C5F-5AD5937CD0C4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*", matchCriteriaId: "B5878612-9825-4737-85A5-8227BA97CBA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*", matchCriteriaId: "F453D348-28CE-402B-9D40-A29436A24ECC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*", matchCriteriaId: "36322F4B-83D7-468A-BB34-1C03729E9BF3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*", matchCriteriaId: "0AD22811-C3C6-4B5E-98D5-D3F2240E6C8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*", matchCriteriaId: "A3C7D0BA-8F07-42AD-8BB9-C65472BE41C1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*", matchCriteriaId: "B0A2A50E-94FA-44E9-A45D-3016750CFBDA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*", matchCriteriaId: "5625CAD8-4A62-4747-B6D9-90E56F09B731", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*", matchCriteriaId: "43A234CE-D6AA-4A32-8425-1A4DDA0F6B6D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*", matchCriteriaId: "78DE1A01-3AEF-41E6-97EE-CB93429C4A1D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*", matchCriteriaId: "410184AF-B932-4AC9-984F-73FD58BB4CF7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*", matchCriteriaId: "B265F073-9E0A-4CA0-8296-AB52DEB1C323", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*", matchCriteriaId: "3F664223-1CBC-4D8A-921B-F03AACA6672B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*", matchCriteriaId: "987A8470-08BA-45DE-8EC0-CD2B4451EECD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*", matchCriteriaId: "8BBC9542-FB77-4769-BF67-D42829703920", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*", matchCriteriaId: "74FDC18B-4662-422E-A86A-48FE821C056F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*", matchCriteriaId: "CAB4AA2C-D1D9-44D8-9471-66EBDE9DC66D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*", matchCriteriaId: "CBA3E7AE-CB74-48A8-A2B8-9FCADB6E40D2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*", matchCriteriaId: "78E4461B-72F8-4F3D-A405-4AFA99EC8A32", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*", matchCriteriaId: "663DDC1C-E48A-4E84-A6CC-B46FC45D6A6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*", matchCriteriaId: "8CEEC75B-10CE-4B7E-BA5F-6D661EC07FFF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*", matchCriteriaId: "DAEDED56-9387-4DAC-BF52-C32ECCB7D407", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*", matchCriteriaId: "FA13F31C-BBD9-48C7-8499-92D0B5CA8CF4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*", matchCriteriaId: "E57A9B28-734B-401D-B24C-A295F364D8E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*", matchCriteriaId: "F02289DF-4A02-4602-89B7-E9148236EE1E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*", matchCriteriaId: "723E7155-493D-4B5A-99E2-AB261838190E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*", matchCriteriaId: "82E37264-E4BA-4D9D-92E7-56DE6B5F918F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*", matchCriteriaId: "8704BE6D-2857-4328-9298-E0273376F2CD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*", matchCriteriaId: "731F1E65-1D53-443B-8E2F-8AF11191AFA6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*", matchCriteriaId: "02A83822-822D-4A4D-B29B-A5BE6367A7DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*", matchCriteriaId: "E8C32738-F08E-469C-8DE0-2708F30574A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*", matchCriteriaId: "B292187E-8EAD-49D2-B469-B14CA0656035", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*", matchCriteriaId: "C7D131E1-24C1-48CF-B3DD-46B09A718FB5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*", matchCriteriaId: "0ABF1231-73CF-4D1B-860C-E76CD26A645E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*", matchCriteriaId: "F7F88E38-4EC4-41DB-A59D-800997440C0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*", matchCriteriaId: "32FD6647-4101-4B36-9A9A-F70C29997148", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*", matchCriteriaId: "D248D668-A895-43B3-ADEF-1B22EE7DC76E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*", matchCriteriaId: "858411B5-E904-45FA-8B33-5CC73B915B22", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*", matchCriteriaId: "6BB9336C-C893-4AB0-9402-868CE9960058", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*", matchCriteriaId: "A4695F94-7AAE-4219-9EF6-CE6D0838192D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*", matchCriteriaId: "BD7A0991-73F0-410D-855C-BFC88A66E61F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*", matchCriteriaId: "FAF5CF9A-B3F2-4686-B933-7DB13AD2CF35", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*", matchCriteriaId: "9858EAC3-C1CE-449B-A605-FFA337DA825D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*", matchCriteriaId: "E7A8F905-A4C6-4EC6-B9E8-800948350B89", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*", matchCriteriaId: "565B48E3-1406-4E3C-B4A5-35865C5614E1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*", matchCriteriaId: "46B6C4D7-B0A2-4DF1-B8DE-19C806D5FABB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*", matchCriteriaId: "8AB82A90-C0BC-4BA8-88CA-4967BC3A4A7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*", matchCriteriaId: "191A094B-E354-4767-AD43-87CE140BF851", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*", matchCriteriaId: "C1289B9E-5725-42EF-8848-F545421A29E1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*", matchCriteriaId: "238A21CB-F8C5-468B-B523-6D014E2EA8AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*", matchCriteriaId: "0DC52CDD-614D-4EA0-8DA8-D71189C42E8B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*", matchCriteriaId: "A4229DB2-8BBC-49F8-87A8-2E7D56EFD310", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*", matchCriteriaId: "FEBA7322-4D95-4E70-B6A5-E0D8F1B5D7EB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*", matchCriteriaId: "A0E91F46-D950-4894-BACF-05A70C7C6F7B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*", matchCriteriaId: "0E12B40B-5221-48A6-B2A6-D44CD5636BB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*", matchCriteriaId: "6BCB77C9-ABE3-44A0-B377-7D7035E8A11F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*", matchCriteriaId: "D06639F5-5EE8-44F4-B48A-5694383154DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*", matchCriteriaId: "CD9662C9-59D3-4B3E-A4DA-4F1EE16FC94B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*", matchCriteriaId: "637C3687-FBCC-41A0-BFE6-823BAE45FB92", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*", matchCriteriaId: "2350A197-193F-4B22-80E8-3275C97C78EE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*", matchCriteriaId: "734C7A7E-ACCA-4B34-BF38-0FAED988CC6A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*", matchCriteriaId: "4D9ABAFC-B3B5-449D-A48E-2E978563EDE7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*", matchCriteriaId: "99019EA0-6576-4CE7-B60A-975D418AA917", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*", matchCriteriaId: "8E846AEF-751D-40AD-84B5-EFDC9CF23E2F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*", matchCriteriaId: "EB9DD909-B2AC-46BA-B057-D239D0773CAD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*", matchCriteriaId: "54F5C355-FDFC-4E71-93AA-218389EF10E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*", matchCriteriaId: "B0A1CA1E-971D-4F67-864E-2E772C1E736B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*", matchCriteriaId: "1B5F8391-D974-49AC-8550-ADB3FA6C0535", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*", matchCriteriaId: "8302BF58-9E54-40DA-BCFE-59CA52C460D9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*", matchCriteriaId: "ECCDE9EF-037B-4650-8131-4D57BE141277", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*", matchCriteriaId: "47BA9DA8-F690-4E3C-AEF6-6A5C7BAA6F19", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*", matchCriteriaId: "DB8253DA-9A04-40D6-84C1-C682B4023D4B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*", matchCriteriaId: "DAF6D175-85C3-4C72-AD9F-31B47EF43154", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*", matchCriteriaId: "7A5FC594-2092-4240-9538-235BBE236DD9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*", matchCriteriaId: "87D95F00-EA89-4FDE-991C-56636B8E0331", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*", matchCriteriaId: "32C40D38-F7F2-4A48-ADAA-6A8BBD6A1A00", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*", matchCriteriaId: "4158561F-8270-42D1-91D8-E063CE7F5505", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*", matchCriteriaId: "FF0DEA96-0202-41EB-BDC3-24E2FC4415B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*", matchCriteriaId: "F8BACE1C-5D66-4FBC-8F86-30215A623A94", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*", matchCriteriaId: "CF707146-0D64-4F3A-AE22-956EA1CB32B6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*", matchCriteriaId: "8118C3F9-0853-4E87-9E65-86E1398B2780", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*", matchCriteriaId: "1A298501-C4D7-48D4-90F9-15AFA59DED48", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*", matchCriteriaId: "FEE1B07B-3D92-4D2D-8667-D902F002277F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*", matchCriteriaId: "8F05CB19-1059-4C4D-BFD7-9F51A22A4F97", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*", matchCriteriaId: "5588732F-7F1A-4C24-B35F-30532107FFDE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*", matchCriteriaId: "A127DD5D-426D-4F24-A8C5-DC9DAC94B91C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*", matchCriteriaId: "26EE0BBD-3982-4B0F-82F6-D58E077C75DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*", matchCriteriaId: "FAEEC918-EA25-4B38-B5C3-85899D3EBE6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*", matchCriteriaId: "813965F4-3BDA-4478-8E6A-0FD52723B764", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*", matchCriteriaId: "2C5EA2F4-F3EF-4305-B1A1-92F636ED688F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*", matchCriteriaId: "04384319-EE8C-45B4-8BDD-414502E7C02D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*", matchCriteriaId: "C52528CE-4F31-4E5F-8255-E576B20F3043", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*", matchCriteriaId: "A6C3F422-F865-4160-AA24-1DAFAE63729C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*", matchCriteriaId: "5D034E7F-4D17-49D7-BDB2-90CB4C709B30", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*", matchCriteriaId: "3C18E6B4-E947-403B-80FB-7095420D482B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*", matchCriteriaId: "2814CC9F-E027-4C5A-93AF-84EA445E6C12", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*", matchCriteriaId: "24A470C3-AAAA-4A6E-B738-FEB69DB78B9D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*", matchCriteriaId: "A1236944-4942-40E4-9BA1-029FEAE94BBC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*", matchCriteriaId: "086CAB4B-A10A-4165-BC33-33CADCD23C0F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*", matchCriteriaId: "B1A6A1EB-B3AB-4CB4-827E-CCAAD783F8E0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*", matchCriteriaId: "AAFB6B30-BFB0-4397-9E16-37D1A772E639", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*", matchCriteriaId: "DFCB9D7B-7D0A-435D-8499-C16BE09E19FB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*", matchCriteriaId: "64277594-9713-436B-8056-542CFA9F4CFC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*", matchCriteriaId: "589BB170-7CBA-4F28-99E3-9242B62E2918", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*", matchCriteriaId: "91B9C4D9-DA09-4377-9DCD-225857BD9FA7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*", matchCriteriaId: "03D0265F-840B-45A1-90BD-9ED8846A9F63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*", matchCriteriaId: "74BAC0EC-2B38-4553-A399-4BD5483C4753", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*", matchCriteriaId: "4477EBA6-F0A7-452B-96E8-BA788370CCA8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*", matchCriteriaId: "1285D817-B5B8-4940-925D-FCDD24810AE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*", matchCriteriaId: "D289F7B4-27CD-4433-BB45-06AF98A59B7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*", matchCriteriaId: "00168903-6012-4414-87D1-2EE52AA6D78E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*", matchCriteriaId: "6AE8D524-577E-4994-8A4B-D15022C84D7F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*", matchCriteriaId: "75977B0B-C44D-43BC-8D7A-AF966CDB1901", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*", matchCriteriaId: "AE7F5D52-9F41-49A4-B941-E0D777203FF7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*", matchCriteriaId: "52B5B3FD-5BEA-4DE8-B010-55FED1547167", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*", matchCriteriaId: "167B1B04-5823-4038-A019-3975A3B447C9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*", matchCriteriaId: "F6C7A4EA-0B5E-47CD-8924-3B1B60EB4BE4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*", matchCriteriaId: "1BA096E0-5480-47CB-822B-D11D7E20F69F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*", matchCriteriaId: "30357469-0B8F-4385-A282-2F50181EA442", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*", matchCriteriaId: "3BE70772-7796-4594-880A-6AAD046E4D8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*", matchCriteriaId: "1A9E2F8D-2974-4833-9EC2-233CEE257C26", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*", matchCriteriaId: "17EE3078-454F-48F8-B201-3847DB40D5C4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*", matchCriteriaId: "EE32C500-55C2-41A7-8621-14EBF793BF11", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*", matchCriteriaId: "52D3DF52-501A-4656-98F1-8DD51D04F31F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*", matchCriteriaId: "3EA603AD-6CF1-44B2-876D-6F1C0B7EF2C9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*", matchCriteriaId: "09578301-CF39-4C24-951A-535743E277EF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*", matchCriteriaId: "1F4D14AA-7DBF-4B73-BDEF-6248EF5C0F7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*", matchCriteriaId: "5A65F303-96C8-4884-8D6F-F439B86BA30C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*", matchCriteriaId: "1E046105-9DF5-425F-A97E-16081D54613C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*", matchCriteriaId: "B2987BCF-39E6-49B6-8DEE-963A38F12B07", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*", matchCriteriaId: "7AEDE2B7-9AA2-4A14-8A02-9A2BFF0DDCBF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*", matchCriteriaId: "5AD92AD8-033A-4AAD-91E5-CB446CCE9732", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*", matchCriteriaId: "77E0E73A-F1B4-4E70-B9F1-EE97785B8891", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*", matchCriteriaId: "61D6E3CC-79B1-4995-9A76-41683C7F254A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*", matchCriteriaId: "F9CEB2B1-BD1A-4B89-8E03-4F90F04A0F0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*", matchCriteriaId: "6FE5773D-3CD1-4E63-8983-E0105C46D185", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*", matchCriteriaId: "2A7C307A-6576-4A0A-8F4E-0981C9EE2901", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*", matchCriteriaId: "18B3A53B-902C-46A5-8CE7-B55102703278", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*", matchCriteriaId: "AB843479-729A-4E58-8027-0FC586F051AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*", matchCriteriaId: "1AF5A233-1E77-49FD-AC2C-60D185481E28", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*", matchCriteriaId: "18519CF2-B0DA-42DD-8A3E-9084298C210A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*", matchCriteriaId: "329D5FCF-7EC5-4471-906B-3619A180BD52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*", matchCriteriaId: "0DD43EAA-F3A5-4748-9187-A6E6707ACD11", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*", matchCriteriaId: "C6F3C14D-4BFC-4205-8781-95E6B28C83C1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*", matchCriteriaId: "20942AD8-ADB7-4A50-BDBE-DB36249F4F52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*", matchCriteriaId: "1EC6ED02-134B-4322-AB72-75A0AB22701E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*", matchCriteriaId: "6FA74EEE-54CC-4F80-B1D3-99F7771335ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*", matchCriteriaId: "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*", matchCriteriaId: "AAC76F31-00A5-4719-AA50-92F773919B3C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*", matchCriteriaId: "49996F5A-51B2-4D4E-AE04-E98E093A76CC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*", matchCriteriaId: "9F8406B0-D1E5-4633-B17E-53DC99FE7622", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*", matchCriteriaId: "3D49435C-7C33-454B-9F43-9C10F28A28A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*", matchCriteriaId: "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*", matchCriteriaId: "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*", matchCriteriaId: "ED44A404-8548-4EDC-8928-4094D05A6A38", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*", matchCriteriaId: "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*", matchCriteriaId: "D2AAD8F0-0D31-4806-8A88-A30E5BE43630", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*", matchCriteriaId: "8164EE5F-6ABA-4365-8718-2F98C2E57A0F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*", matchCriteriaId: "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*", matchCriteriaId: "2A06696D-37F0-427D-BFC5-1606E7441C31", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*", matchCriteriaId: "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*", matchCriteriaId: "68A76015-0A05-4EC7-B136-DC13B55D881F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*", matchCriteriaId: "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*", matchCriteriaId: "54464F6C-9B2D-46BA-AC44-506389F3EE0C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*", matchCriteriaId: "8FA11017-EA58-45EE-8408-FCCCF7183643", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*", matchCriteriaId: "8A5098A5-E4E8-47E4-8CD0-F607FF0C0C90", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*", matchCriteriaId: "442AD778-D56F-4C30-BBF8-749D6AAC4737", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*", matchCriteriaId: "AF7D3F31-AF4D-4C50-8590-A763AAC7AF07", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*", matchCriteriaId: "445BFC2E-38FA-4130-8550-0866EC4EDA33", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*", matchCriteriaId: "A6DC2746-CE41-40C9-8CFA-23231BBCAE77", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*", matchCriteriaId: "3C3A8976-5E4D-490A-A87D-A47D1B2B903C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*", matchCriteriaId: "0C8535E6-220E-4747-8992-45B6EAFC555C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*", matchCriteriaId: "C7479B49-F484-4DF2-86CB-E52EE89FA238", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*", matchCriteriaId: "B6D68512-746D-4E95-857B-13A0B6313C5E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*", matchCriteriaId: "4312BA84-F9A0-4BD4-8438-058E1E7D6C0C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*", matchCriteriaId: "60E52DF5-C713-4BC4-B587-FF6BDA8509CC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*", matchCriteriaId: "304ADCAC-9E49-42BD-BC92-58D9B2AD52E0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*", matchCriteriaId: "2AB02172-B9A7-4801-88F2-98BF5843184A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*", matchCriteriaId: "5141380E-BD18-47C1-A84C-384BA821773D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*", matchCriteriaId: "1AE6C49E-2359-4E44-9979-7D34F8460E35", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*", matchCriteriaId: "C004B75F-37AF-4E61-98F3-1B09A7062DDB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*", matchCriteriaId: "F7126D19-C6D9-43CB-8809-647B1A20E7DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*", matchCriteriaId: "9CC98503-A80A-4114-8BF2-E016659BE84E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*", matchCriteriaId: "01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*", matchCriteriaId: "3821412D-B010-49C4-A7B4-6C5FB6C603B1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*", matchCriteriaId: "A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*", matchCriteriaId: "5CEB5D2D-FF54-4BDB-9E9C-8C1B2719FC9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*", matchCriteriaId: "6AD5B51A-AEA0-4DA2-BA60-94A2D5605352", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*", matchCriteriaId: "F96C6CA0-434D-428F-B629-A971C2937628", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*", matchCriteriaId: "301AB72A-A6F2-42C8-A931-94EF2271443F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*", matchCriteriaId: "59414B5A-05B8-49AF-A197-2A31729DDB65", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*", matchCriteriaId: "0BFDD380-692F-41D7-996F-F97FC74DC7CF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*", matchCriteriaId: "49602828-2BFC-4571-9F05-6210FD263DF2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*", matchCriteriaId: "87E03978-E16D-4A9B-8AE7-9F4F1171C14A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*", matchCriteriaId: "03096A9A-5758-47E6-81E2-BCFE847C41F4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*", matchCriteriaId: "150CC865-7975-45EC-BFF7-A94146442BA8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*", matchCriteriaId: "C8FA1308-589B-432B-80F9-9A499D083ED5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*", matchCriteriaId: "6ED2453E-30E1-4620-BEC5-21B0083449E2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*", matchCriteriaId: "0FE8DD05-D700-4F89-9B01-D489029DF7A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*", matchCriteriaId: "050957CA-6191-4F9F-9D07-48B342B3B1B8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*", matchCriteriaId: "DACBF998-8B11-45C7-9017-486AED4FAE6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*", matchCriteriaId: "C9F2F3C4-FC94-414A-A208-913A43D57D75", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*", matchCriteriaId: "641152EC-F4B4-4E5E-B396-AC4CAAB805BF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*", matchCriteriaId: "4911E332-B8BA-4336-A448-3F70D2BBB147", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*", matchCriteriaId: "330EC403-3174-4543-9BBE-CEC0ABC1575D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*", matchCriteriaId: "5EF585D0-507E-491E-9C3B-78EE26F2F070", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*", matchCriteriaId: "DD00F7C6-6762-4DC9-9F6C-5EAC4ACB1C54", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*", matchCriteriaId: "1F5D885A-85C4-4A11-B061-61EFF6B6E329", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*", matchCriteriaId: "0502B59F-933C-4E25-A2EC-9296B197E139", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*", matchCriteriaId: "99D9C0A9-2DFF-4760-8FED-AC2DA7968E51", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*", matchCriteriaId: "B5A1BAEC-18BF-4607-BFB7-48102E75186A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*", matchCriteriaId: "D49ED138-F42D-4451-A350-0B2DD5AB9444", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*", matchCriteriaId: "5ED91472-90FC-4AC8-96D5-1550A8502411", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*", matchCriteriaId: "57CEEFA6-CEED-4CA3-8DDC-B6601D69FB7C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*", matchCriteriaId: "2FD25ECD-0605-4CD7-9DC5-294ACD7EF1B0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*", matchCriteriaId: "2784E2AF-A5E5-4960-830C-B3EFB84043D0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*", matchCriteriaId: "9112FA50-5527-4B20-80F5-2DE9E66D09F6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*", matchCriteriaId: "73CE4E2E-B2BF-409E-B18C-D67DA810FE9B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*", matchCriteriaId: "E2B84D67-0B1D-4B74-BC85-AF8F933D8429", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*", matchCriteriaId: "BCA05A18-1523-4EED-9D2E-0A258A33F24F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*", matchCriteriaId: "C34E70EB-92F0-43F6-8883-FE422BE1A3FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*", matchCriteriaId: "78D301F1-20C2-4756-9A90-37F14835CE14", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*", matchCriteriaId: "B2EEC8B5-1CAB-4FBE-BBA2-D2FFA3EF9489", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*", matchCriteriaId: "BA63B803-4D48-42E8-A793-F92ABCB8BFC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*", matchCriteriaId: "129DB9CB-E878-4856-A954-15FFE1428636", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*", matchCriteriaId: "730DB4AA-FD7D-40C6-8D7F-19937832EF9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*", matchCriteriaId: "07E86978-4820-422A-8C7C-FF0697DAED05", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*", matchCriteriaId: "8A7A9DB5-F544-4FD8-A9CC-0BD6257516AF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*", matchCriteriaId: "AF813AD9-D296-4915-861C-8DE929E45FE3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*", matchCriteriaId: "04A65469-083F-40B5-86C5-A2EAE5B2F00A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*", matchCriteriaId: "8F1AA82E-BD86-40F5-B417-71DF6AF53A37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*", matchCriteriaId: "B71A6DB0-5EB0-4712-8480-CF427F521D33", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*", matchCriteriaId: "8223D5A1-ADF1-43C6-AF91-EE5C413BCB37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*", matchCriteriaId: "4DD69605-F52B-4623-921A-983A5A408ECA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*", matchCriteriaId: "B1D5685F-6FFE-4A6A-9FF8-940C8DA36499", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*", matchCriteriaId: "B94062D9-8DDA-4B4A-B3B5-07F71F5B97E7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*", matchCriteriaId: "3832D0A6-419D-4876-B5C4-920578F713F3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*", matchCriteriaId: "E1AA5C8A-83A8-4F96-9D7C-7A50ADDB2341", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*", matchCriteriaId: "404E38E6-9EB3-41D0-97A7-DC579688BFB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*", matchCriteriaId: "40E4A921-AB28-47B7-B5A3-EB82193D15BA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*", matchCriteriaId: "B0357E48-2300-47B4-B9E5-9FE813A2FC09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*", matchCriteriaId: "96CC28B6-57D1-4919-AA55-A262CC16AFE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*", matchCriteriaId: "0EB4C54D-1265-425A-B507-E1099844875A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*", matchCriteriaId: "97362147-3A71-430D-9064-4435D45C3B8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*", matchCriteriaId: "89212CF3-4E99-4389-94CE-F4211DDCA01B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*", matchCriteriaId: "FBEA4DA3-0AFB-4FCE-92DB-5B316775BB17", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*", matchCriteriaId: "611C0A0A-1FA3-42F9-82E8-BFCB71A077DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*", matchCriteriaId: "36F027D9-DCB4-4A3D-8987-41F2941DBD45", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*", matchCriteriaId: "E23BCEC9-2BFB-4B41-9A7A-18B1347C6202", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*", matchCriteriaId: "4924CE39-A846-4DB4-9547-6322FC5AD6B3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*", matchCriteriaId: "6C9E2C9A-94A1-456B-90D5-54932DF64C22", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*", matchCriteriaId: "AC04C652-B2D8-4002-A50E-8AFE83204A25", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*", matchCriteriaId: "10D413F0-CDBC-4A63-B9A7-9E7725BA1E83", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*", matchCriteriaId: "754A8826-59F7-4A71-B74B-737BE9C7DE4F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*", matchCriteriaId: "FADB6BDA-6825-489B-AB39-7729BA45DFD8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*", matchCriteriaId: "7913F57E-E600-4767-AF51-D045E1898E72", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*", matchCriteriaId: "BD3783F4-5A05-45AA-9791-A681011FD78C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*", matchCriteriaId: "01E3114D-31D2-4DBF-A664-F4049D8B6266", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*", matchCriteriaId: "D8EE6578-981D-470C-BB24-4960B3CB1478", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*", matchCriteriaId: "E3320D50-C5C9-4D75-BF1A-5BB7BCBFE2BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*", matchCriteriaId: "7EE59839-8EB9-47FE-88E2-F0D54BE787A2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*", matchCriteriaId: "75694A3D-080A-4AA7-97DF-5A5833C9D9F7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*", matchCriteriaId: "19C5E27D-BBAB-4395-8FC6-8E3D4FB9A1EE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*", matchCriteriaId: "6E996176-3DEA-46E6-93B7-9C0DF32B59D3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*", matchCriteriaId: "4417007D-126A-478B-87EA-039D088A4515", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*", matchCriteriaId: "F78C2825-F6A3-4188-9D25-59EAEC8A7B0A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*", matchCriteriaId: "EF2FA85D-B117-410D-B247-8C5A3479319A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*", matchCriteriaId: "3A041D27-132C-4B15-976F-1750C039A89F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*", matchCriteriaId: "5D495E06-BF2B-4C5A-881D-94C93CD2BA2B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*", matchCriteriaId: "7C31DFB8-8D8C-47D6-AAFF-BAE829A3D965", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*", matchCriteriaId: "088BC395-06D5-4156-85EB-63C4A9552898", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*", matchCriteriaId: "33A220A2-A6D2-46A7-B168-607400EEDCE3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*", matchCriteriaId: "1E79232F-7196-440B-82D4-165885251232", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*", matchCriteriaId: "ED866954-77AB-4CA8-8AED-4252C595FC4D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*", matchCriteriaId: "28A1F516-B180-45D4-8EB1-754B7497CB2B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*", matchCriteriaId: "36758A04-64D3-4150-A004-CF042FA31CD9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*", matchCriteriaId: "1E01752E-F1DD-400A-A917-216CAF15B0F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*", matchCriteriaId: "AD47EC58-F776-4F59-8F15-4B208904CF4B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*", matchCriteriaId: "2D3781F4-2123-4FA1-8AF5-D0D1E6C1A5B9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*", matchCriteriaId: "94565E35-8A58-4CB6-A489-C796DCB97FC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*", matchCriteriaId: "49964D35-5323-4412-BD54-661630F9A8CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*", matchCriteriaId: "F0A37E7D-1BF6-4A2A-BF52-5F0EC4B4F341", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*", matchCriteriaId: "A0F66468-87D0-41FC-934B-5924BE2956CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*", matchCriteriaId: "3E0F93E1-4607-4DF4-AC6E-4B7254D4A8DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*", matchCriteriaId: "45C0D99E-443E-4AB1-A07A-900A09FE177E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*", matchCriteriaId: "C6D0FD76-C1FB-43D0-8511-FC0BA6DA7960", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*", matchCriteriaId: "A9DAEE52-09C3-4A09-9958-9D6807B2700B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*", matchCriteriaId: "B97690D4-E814-4D40-B170-BE56D7AE2C1B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*", matchCriteriaId: "89804F2C-D32D-4444-ABEA-5B241153D096", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*", matchCriteriaId: "2AAAAF9C-B29B-4020-BAFF-C87B1A08294A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*", matchCriteriaId: "ECE60E1E-AB8D-46E4-A779-A54F2D20B5D5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*", matchCriteriaId: "EB958A28-7C9A-4BD0-B002-4E1A65CDB0A4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*", matchCriteriaId: "7C27B318-2AC1-423D-B0C8-583BB1800D5A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*", matchCriteriaId: "9E58E3D0-1154-4B13-BA16-67CE67DF0637", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*", matchCriteriaId: "32D2ACB3-B906-4944-A021-03C4645965BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*", matchCriteriaId: "8FFF834A-D7F0-4E48-AD3D-DD0BCE6DEC0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*", matchCriteriaId: "8E1A41BA-A1D6-484A-BAD2-68DF85598354", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*", matchCriteriaId: "11260C9D-69A9-4D81-9CCF-2E116DD75F7C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*", matchCriteriaId: "1C020F06-FD27-46E3-A48F-3F60F33BB969", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*", matchCriteriaId: "03C74F10-6A7F-4F68-8A34-E981E1760DE5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*", matchCriteriaId: "24741B98-8D0E-4307-AAEF-A14B2531DCA9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*", matchCriteriaId: "8D4FA4BA-4304-4A70-9F86-120F2A3D8148", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*", matchCriteriaId: "367FC8BA-F046-4264-A049-49E933E7698F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*", matchCriteriaId: "DE9B68D3-1DFB-4468-85C4-AC13E6CBC111", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*", matchCriteriaId: "C966A016-B650-44D9-B8C4-1ED50AB318DA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*", matchCriteriaId: "DC448FF0-6D3F-4609-864B-4191905EE2B9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*", matchCriteriaId: "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*", matchCriteriaId: "758A14DB-1BAF-442A-BA7C-5E9C67847BEA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*", matchCriteriaId: "61309100-CFA7-4607-A236-8910838AA057", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*", matchCriteriaId: "82D76265-7BD0-4C51-AE77-22B22524DE81", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*", matchCriteriaId: "DE38B195-BB8D-4747-881D-E8033760B4C8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*", matchCriteriaId: "1AA8BE76-168D-48A3-8DF6-E91F44600408", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*", matchCriteriaId: "3B656975-5D71-4712-9820-BDB7BC248AFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*", matchCriteriaId: "FA045267-114D-4587-B6D7-E273C28DC9B1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*", matchCriteriaId: "77018415-E122-406E-896D-1BC6CF790BE3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*", matchCriteriaId: "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*", matchCriteriaId: "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*", matchCriteriaId: "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*", matchCriteriaId: "F4E1C012-3E05-44DB-B6D2-BFD619C034B4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*", matchCriteriaId: "15D689D6-8594-42F2-8EEF-DCAEBA885A67", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*", matchCriteriaId: "A6446000-0494-4DC5-ABAA-F20A44546068", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*", matchCriteriaId: "99B94EEC-6690-45D0-B086-F4A5B25C25CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*", matchCriteriaId: "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*", matchCriteriaId: "832AB3CD-E3A1-4CCB-A210-287973563D0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*", matchCriteriaId: "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*", matchCriteriaId: "99C4221A-9994-43B3-9C7A-E13815A50A10", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*", matchCriteriaId: "20070B1D-B91C-40BA-A9D8-E80170A2933F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*", matchCriteriaId: "A70129C9-371F-4542-A388-C095869E593A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*", matchCriteriaId: "6C4DE25F-168A-4C67-8B66-09F61F072BD4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*", matchCriteriaId: "58157F24-D89E-4552-8CE6-2F01E98BD1E5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*", matchCriteriaId: "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*", matchCriteriaId: "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*", matchCriteriaId: "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*", matchCriteriaId: "A6A5EC79-1B21-4BB3-8791-73507BC8D4DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*", matchCriteriaId: "FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*", matchCriteriaId: "E0387587-AAB6-4284-8516-4DA3E3582D30", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*", matchCriteriaId: "A238C975-9196-449F-9C15-ABB2E9FD1D06", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*", matchCriteriaId: "6F17F4A5-120B-4E00-97C8-8A85841ACBC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*", matchCriteriaId: "2537F047-64C9-4E73-B82C-310253184183", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*", matchCriteriaId: "3A55857C-649D-46CE-AEDA-6E553E554FC1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*", matchCriteriaId: "7BA4892D-AFDF-4441-821E-5EBF7F64C9F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*", matchCriteriaId: "327E06A3-7F0E-4498-8811-10C8D15398FE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*", matchCriteriaId: "1624E6D6-858E-4085-B0B9-362B819EFD88", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*", matchCriteriaId: "50D61F4A-40F0-477C-8326-7359D3626E77", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*", matchCriteriaId: "1455B4DE-7F1C-4CF2-AE02-2EDD20025D62", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*", matchCriteriaId: "5B215788-860B-46CD-9A08-43AFF98FAEAA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*", matchCriteriaId: "2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*", matchCriteriaId: "E4EB132B-000C-4A17-AFB3-19F40A73D2CC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*", matchCriteriaId: "5C4815AE-B635-4545-83C2-5EC4E0128337", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*", matchCriteriaId: "C0046C06-E3E6-4674-A4D1-332DD29D9552", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*", matchCriteriaId: "2C191851-3DC3-41C7-AD89-81F091CCC83A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*", matchCriteriaId: "21126922-8E81-47F4-82D4-CBCDDACEC4FA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*", matchCriteriaId: "209E18B0-BBB5-4C65-B336-44340F7740DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*", matchCriteriaId: "C867C0B8-91A4-482A-B7DD-54AB9599AE52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*", matchCriteriaId: "30F03843-8A51-4CE1-BE6C-994BDE3A8F97", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*", matchCriteriaId: "09854948-2657-4261-A32A-0523058F072E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*", matchCriteriaId: "D13904A5-266D-481C-A42A-734C3823A238", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*", matchCriteriaId: "ACC82FCB-0541-45C4-8B7E-CB612D7F702A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*", matchCriteriaId: "6C18BD84-5E9C-4C9E-B0AA-2CEB0D7A58C3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*", matchCriteriaId: "0F5ABC7E-C4E0-4850-A1E6-07EBCF4A87D3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*", matchCriteriaId: "501E9355-0CDD-4951-BCC3-47962788BCCB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*", matchCriteriaId: "B3D976D9-62F0-43C3-8359-E51E26B6CD87", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*", matchCriteriaId: "02AFBCD0-9B4B-4CA3-8FA9-D8B6ECB24894", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*", matchCriteriaId: "64ADE9AF-196F-4E0B-BC66-7DE0183F9032", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*", matchCriteriaId: "C90CCA48-1705-4564-AAF9-271201BD5113", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*", matchCriteriaId: "0B82BAFF-17F5-465C-8032-67D5ECAB2921", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*", matchCriteriaId: "1F694FEC-B97D-4BDA-ADFA-751E8BFB7CD2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*", matchCriteriaId: "F831371E-7437-48D7-8281-1F406215041B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*", matchCriteriaId: "BC4F06B5-615A-464A-A0C4-7AABEE8530CD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*", matchCriteriaId: "92AF503A-A2B1-4FC3-858B-264049ADF0F8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*", matchCriteriaId: "E702C7EC-B1D9-4BDF-B334-2004CD76B52B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*", matchCriteriaId: "E39F31D6-DC4B-46FE-BE5D-EA612D915A96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*", matchCriteriaId: "51CB8036-5F36-4CD4-9B3E-D2401F2E64F6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*", matchCriteriaId: "F9849BA3-3990-4E30-B99B-ADD043314CDA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*", matchCriteriaId: "A20FB18A-D3DA-4DE9-BEFF-75B7AB9B9A55", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*", matchCriteriaId: "7A67CD6F-5E4F-4E69-A2A9-A4033DCE08EA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*", matchCriteriaId: "A0A22E92-1EA7-45D9-AC86-EC3D9664C294", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*", matchCriteriaId: "D7FA2911-6561-47BF-BEE8-DDA31642C346", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*", matchCriteriaId: "1FA6CA23-6F2B-44D5-B2DA-4F142BA3E48A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*", matchCriteriaId: "0F829DED-4D92-401A-BD80-C070DE57FC7C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*", matchCriteriaId: "F560575C-FD8E-485D-B50A-572604BBE903", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*", matchCriteriaId: "6ED8C51B-AE59-46DC-85F9-6D3B2891CB3F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*", matchCriteriaId: "1A38D00A-B9DC-44DF-8247-70355FF9A6EF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*", matchCriteriaId: "381EFC43-D5D9-4D10-90BE-4C333A9BA074", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*", matchCriteriaId: "CBEDED18-2755-4C55-A1A1-04B4D5F40276", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*", matchCriteriaId: "F04B57EC-0731-40C8-939F-1C686A65A0FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*", matchCriteriaId: "2AB301FB-EB3E-4F5F-868D-5B66CC7E1E6B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*", matchCriteriaId: "CE1D28F9-B135-441B-A9BF-792DD356E374", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*", matchCriteriaId: "4D01CE3E-5C89-4FC0-9097-CAC483ACD441", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*", matchCriteriaId: "7BDD55C4-AFCD-4DF2-921C-DDC1D7556DA3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*", matchCriteriaId: "8F52334F-BE6A-4FD4-9F63-AE9BB017115B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*", matchCriteriaId: "C7C9BCC3-B9A6-4195-BF2F-E7BBCE8DC269", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*", matchCriteriaId: "2A4DFFA7-AA0E-4D7E-97B8-13389FD47D4A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*", matchCriteriaId: "707F6671-57AC-4DF4-8024-444502E5C92E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*", matchCriteriaId: "3C1FCE07-F9E8-4B14-95CE-01784D472128", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*", matchCriteriaId: "C208711F-FC06-46C8-8849-27054DC1B264", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*", matchCriteriaId: "25AB8041-F201-4BB3-AAD9-199B06697DF3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*", matchCriteriaId: "D75C474C-D5EF-42D6-9B2A-A504BEFCB982", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*", matchCriteriaId: "1F566CD3-3649-492B-B0AB-A107E51675B9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*", matchCriteriaId: "BB9F3D74-AE72-4FC5-83E9-890781AF3093", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*", matchCriteriaId: "0E8EA6A7-4AB8-487E-B5DD-9989CC5F1CD8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*", matchCriteriaId: "DF63DDC8-A0C1-482B-92F2-CF6135E8C2A5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*", matchCriteriaId: "C69918C6-7AAD-4AA5-AB72-C275367B1008", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*", matchCriteriaId: "06155B0B-A5AD-4A82-8C02-D264981687A6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*", matchCriteriaId: "F76C19A4-FA26-432A-9443-9F92B2A946EB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*", matchCriteriaId: "99BEE9BE-E49A-489B-B333-95D0993F8FA3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*", matchCriteriaId: "7427A678-EC47-4030-B905-619DD95F5A82", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*", matchCriteriaId: "86749716-1C9F-4C2A-B2A7-E62DEC10EA30", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*", matchCriteriaId: "FD000B53-06DA-4ED4-B0EE-9CB201B75C8D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*", matchCriteriaId: "A8424463-C329-4BAA-8AA1-25CD8B63292E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*", matchCriteriaId: "52727E62-0048-4C56-BC8C-B3450D257B21", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*", matchCriteriaId: "9D8223AA-F077-45FD-A7E3-3C2C1A8F6E91", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*", matchCriteriaId: "FAA34B50-2330-4D77-BF1A-6F05F3EF222C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*", matchCriteriaId: "F6421F69-1076-43D2-B273-DE80FB2D5F72", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*", matchCriteriaId: "C1EDA9E2-CFE7-4917-BE48-A83208BDF0F3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*", matchCriteriaId: "9A34E7FC-93A4-45F2-A7B6-4A8ABFCAB0F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*", matchCriteriaId: "7E611EDD-D44C-4311-B681-431D7C574528", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*", matchCriteriaId: "C5E1B6AA-2F9A-43A8-9147-2BD9474E54C7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*", matchCriteriaId: "1886D007-85B6-4E5A-968D-A1FD476A08A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*", matchCriteriaId: "BDDDCB65-4404-49BC-9515-ECECD58A667F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*", matchCriteriaId: "1B8D3E00-64C3-407A-9B00-8B6E383F73FA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*", matchCriteriaId: "CB1B00A1-9C15-47C2-9F57-66586DEACC7D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*", matchCriteriaId: "CB5BF932-459F-4DD2-B160-5FE0371C7D83", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*", matchCriteriaId: "A58ACE96-F1BE-4261-8F94-FC3C6E7C7561", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*", matchCriteriaId: "783D6EA7-C016-4314-A87B-4FED1DC7114B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*", matchCriteriaId: "7AD0176F-FFAE-4A85-9327-CE72FE059E90", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*", matchCriteriaId: "A56970C7-F8D3-41B2-A78B-0C7F4A2A4E0A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*", matchCriteriaId: "26D4CE1F-86C8-4E48-9146-9DB57BF540FB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*", matchCriteriaId: "CB7F9D65-5537-4C25-B02B-2393F60D1299", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*", matchCriteriaId: "F09C8A92-820D-4572-A797-180E17A7DEB6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*", matchCriteriaId: "CA7D77A2-0D9A-4D0D-B0DC-152757917BE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*", matchCriteriaId: "A07D3F1A-16CE-461F-A2F4-80FE5F841CB3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*", matchCriteriaId: "0C04557A-C508-4FAD-A535-1C0AEFF08075", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*", matchCriteriaId: "6AFAE489-6679-4705-BF9C-BB6D385A1DC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*", matchCriteriaId: "429A99C8-BC55-4887-893C-7124C1A5DB08", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*", matchCriteriaId: "E3A2B709-CC19-4116-A5BE-5DB5C8B45A12", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*", matchCriteriaId: "D79DAC74-1F28-4EC8-B417-3FAFFB74C4BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*", matchCriteriaId: "6F1F1377-6220-43FB-BEF9-BAA7B0158147", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*", matchCriteriaId: "18422CA8-3000-46B1-9065-2369E6B0BE16", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*", matchCriteriaId: "5D558C66-E80E-4FC7-A0DF-485466390C46", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*", matchCriteriaId: "E23EA9AE-9E70-47B5-AD9B-0DF13A0939E0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*", matchCriteriaId: "860F22F6-4C87-47C5-965E-02A1AFF41A72", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*", matchCriteriaId: "19A2CA86-BFA8-4C78-987D-AD26F32622F7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*", matchCriteriaId: "EEF64E0A-CDB0-427E-A96F-095EFEBA0A3D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*", matchCriteriaId: "425F6D34-EE60-464B-8EA6-8116EDAA1219", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*", matchCriteriaId: "CEB9F657-1239-4424-A2E8-F8BD98C0095E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*", matchCriteriaId: "F631403C-0A67-42CB-815C-133EB87E0C95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*", matchCriteriaId: "6A4A5A57-B1A2-4BBA-AC36-7EA7DF9CDE06", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*", matchCriteriaId: "0453C0EA-BA67-49D5-964F-35493F97D905", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*", matchCriteriaId: "4D4D237E-ACB7-4382-AF5B-D27E634BF867", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*", matchCriteriaId: "B5461EB2-2958-4923-86AF-C74D449120B5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*", matchCriteriaId: "45C22141-E698-4E38-AF50-9CE04C1168FE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*", matchCriteriaId: "49D0E470-427D-4A68-AFD2-982A4F7CE2D7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*", matchCriteriaId: "43AB50F3-14AC-44BD-B7F0-A683C5FD1A3F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*", matchCriteriaId: "713C4B7A-C38A-4818-A258-D07DEDEC906E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*", matchCriteriaId: "C59740BE-FC30-4400-B978-1DB41282971C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*", matchCriteriaId: "839728F0-5F23-462F-B493-C37EE4C874F9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*", matchCriteriaId: "6F1B47DA-BA53-4D7A-9B5B-582238D5E99A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*", matchCriteriaId: "D452F1BF-1FA5-463C-8F13-6357509FB5D1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*", matchCriteriaId: "EF6D1F4C-B396-468C-BA32-9367A68C95DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*", matchCriteriaId: "B76A812F-D77A-49C8-B7A5-0C08258D4BBD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*", matchCriteriaId: "6E001AAB-07EC-47BF-BDE9-BB927872781D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*", matchCriteriaId: "D1DF11F5-61E8-4A98-86C8-49D6B3224FCC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*", matchCriteriaId: "AED153E7-99A2-4C02-B81B-C3DDF8FAE1A0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*", matchCriteriaId: "D024802A-EA60-4D9B-B04C-027A0703EABD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*", matchCriteriaId: "BA731F3C-1F04-4EE2-83EC-9486F5032903", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*", matchCriteriaId: "544A59F6-E731-43C8-8455-69256933E71D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*", matchCriteriaId: "624258EE-7FFF-4432-9B6D-4D60AA73CD9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*", matchCriteriaId: "69A2701A-35A8-4268-B9CF-40BA3219373B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*", matchCriteriaId: "15E671F6-8DED-4735-BE97-58A60E5B5C13", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*", matchCriteriaId: "3FC68B2A-8570-4311-BB60-49DBBDAF7430", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*", matchCriteriaId: "9826FA02-937E-4323-B9D5-8AE059ADBE95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*", matchCriteriaId: "9B8630BB-48AA-4688-A6F0-212C1BB4D14C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*", matchCriteriaId: "9AC98D35-D7D5-4C24-B47E-EDE2A80B2B9E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*", matchCriteriaId: "A2F8ABCB-12C3-4C45-844E-B07F77DA2DE9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*", matchCriteriaId: "326105AC-3926-437E-8AFF-916960107050", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*", matchCriteriaId: "866E1275-7541-4B80-8FDF-53246A204C15", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*", matchCriteriaId: "E190929D-D3CC-46E1-A903-0848829061DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*", matchCriteriaId: "81E4EBCB-B660-4F6A-AD73-81B9D8964162", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*", matchCriteriaId: "55D58CC5-CB46-464D-93B8-6AD5A19AF097", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*", matchCriteriaId: "16541D3E-EBBD-4D92-96D8-F169733377AE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*", matchCriteriaId: "3F08D257-F570-4D39-A6E8-0F60E55472E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*", matchCriteriaId: "C20ED667-2BFB-41C7-82BA-9F0C0044DA08", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*", matchCriteriaId: "6158ED8A-007E-48B7-99BF-8BA03BF584BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*", matchCriteriaId: "DBA7096A-F321-49A0-911A-F9683ABE6E6A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*", matchCriteriaId: "6A471395-7F8F-4BA5-962D-4D8F271FAB47", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*", matchCriteriaId: "B9484380-92B9-44DB-8E20-DC8DE02D1CA6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*", matchCriteriaId: "8010808D-805D-4CA3-9EA2-55EB1E57964C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*", matchCriteriaId: "9716FE9F-A056-42A3-A241-F2FE37A6386A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*", matchCriteriaId: "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*", matchCriteriaId: "7A96A5AF-C9EF-4DED-AE25-4540A2B02915", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*", matchCriteriaId: "D5115B12-053A-4866-A833-D6EC88D8F93E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*", matchCriteriaId: "C5619D4D-9685-4595-8A5F-A18273FE4213", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*", matchCriteriaId: "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*", matchCriteriaId: "DAA3457E-7E1A-4878-9752-79382E954A66", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*", matchCriteriaId: "68630C63-4457-4E12-B7BD-AD456B237FC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*", matchCriteriaId: "F6FB5695-2950-4CEC-81B4-FD280F835330", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*", matchCriteriaId: "9F340AF8-508F-449D-9AFA-4E55F069B4F3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*", matchCriteriaId: "E944410E-D674-4141-B50C-9F55090325FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*", matchCriteriaId: "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*", matchCriteriaId: "5079AA70-C864-4AE2-809C-52B50632F2B3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*", matchCriteriaId: "5D124BCB-D8C3-49F5-B05C-E09B3CEBEBCD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*", matchCriteriaId: "6A86291B-C986-4320-BCEF-9F5AD8B309D3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*", matchCriteriaId: "1227659F-1393-4189-978B-CC3DC53BF407", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*", matchCriteriaId: "4C2DB843-638F-41EF-B486-409318AA2DE9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*", matchCriteriaId: "A0004D8A-A186-4DA2-A7AB-18A6456438FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*", matchCriteriaId: "75B6BE9F-F113-4976-951D-53F2E183A95A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*", matchCriteriaId: "DEB005F1-9719-4985-B9D9-2140C962ADD1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*", matchCriteriaId: "A94D0C1B-F30F-4724-915E-192C53FAE58A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*", matchCriteriaId: "3F247860-1D2C-415C-AFBD-26BD875AAF02", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*", matchCriteriaId: "9697EDCD-A742-4AC6-876E-1080AD684207", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*", matchCriteriaId: "6E73924A-875B-44D0-8F7C-A822B0488126", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*", matchCriteriaId: "03751B92-EE07-4F16-A476-BD25561810BC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_j:j2850:*:*:*:*:*:*:*", matchCriteriaId: "A3A630E1-6CAE-4809-AB18-5002F158AE90", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_j:j2900:*:*:*:*:*:*:*", matchCriteriaId: "A67750FF-EF4B-414F-8ED4-299CAF33B0DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_j:j3710:*:*:*:*:*:*:*", matchCriteriaId: "5A82D885-82F5-4755-BC11-5899E28CEE42", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*", matchCriteriaId: "88AF1366-8A14-4741-8146-886C31D8D347", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3510:*:*:*:*:*:*:*", matchCriteriaId: "7FD75301-E29C-47DC-B53F-DC44EA0C1885", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3520:*:*:*:*:*:*:*", matchCriteriaId: "8C944024-BEAA-43AF-A339-FD69C75E8240", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3530:*:*:*:*:*:*:*", matchCriteriaId: "435C69D1-3932-4379-8D18-B1E12D558325", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3540:*:*:*:*:*:*:*", matchCriteriaId: "3572B700-73C0-41D1-95FD-FE9D5B0C1F80", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3700:*:*:*:*:*:*:*", matchCriteriaId: "97A40DC9-0D4E-4C91-8D1B-3CED95B3952E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n3710:*:*:*:*:*:*:*", matchCriteriaId: "16FB3E4B-05F8-411A-8C86-4ACE03815553", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:pentium_n:n4200:*:*:*:*:*:*:*", matchCriteriaId: "8E55EBC1-6F96-47CD-9503-7855EFB07240", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5502:*:*:*:*:*:*:*", matchCriteriaId: "4208DBA1-7F85-4876-9B6C-D1B43EAAB2AD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5503:*:*:*:*:*:*:*", matchCriteriaId: "F5ADC8E5-1CE7-4481-A9B5-61BFC6B4FF50", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5504:*:*:*:*:*:*:*", matchCriteriaId: "A1789924-FADB-4076-8874-120B29EE6B86", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5506:*:*:*:*:*:*:*", matchCriteriaId: "BC246667-2F6F-4024-9EAA-2CE3018235C3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5507:*:*:*:*:*:*:*", matchCriteriaId: "B21BA7F8-D4B5-4E6B-8FCE-04BBD3501AA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5520:*:*:*:*:*:*:*", matchCriteriaId: "1341A5D4-A5CE-4D31-A178-01C3069D7A55", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5530:*:*:*:*:*:*:*", matchCriteriaId: "86A5C199-92E5-435C-AC40-175849285104", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5540:*:*:*:*:*:*:*", matchCriteriaId: "67589F54-0A54-4DE7-9A47-A73DD05F7965", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5603:*:*:*:*:*:*:*", matchCriteriaId: "DDC34C8E-1BB9-43CC-9D89-9E6DC435B7EB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5606:*:*:*:*:*:*:*", matchCriteriaId: "8BE5163E-9BCF-4BF8-BCB9-B48C4E7E1564", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5607:*:*:*:*:*:*:*", matchCriteriaId: "92C5DC8C-3318-440B-8B29-4827F343927B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5620:*:*:*:*:*:*:*", matchCriteriaId: "0ECC47D8-F602-4CEA-B19A-209CE76C9D36", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5630:*:*:*:*:*:*:*", matchCriteriaId: "7514ADD3-DECC-4CC2-9421-A609E526FDC6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5640:*:*:*:*:*:*:*", matchCriteriaId: "6ED2EC97-8B2D-47A9-8EC7-D1E0ACBB6C52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5645:*:*:*:*:*:*:*", matchCriteriaId: "691097C3-F91B-499B-BAEB-4E7E9C43B517", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e5649:*:*:*:*:*:*:*", matchCriteriaId: "0B3DB1ED-017B-43EF-92A3-A8A88669FBC2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e6510:*:*:*:*:*:*:*", matchCriteriaId: "19A49AAF-0F08-4151-8F74-4EF9C3415B00", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e6540:*:*:*:*:*:*:*", matchCriteriaId: "3F7A2018-BB4D-4DC1-813D-A4AA3F270893", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e7520:*:*:*:*:*:*:*", matchCriteriaId: "A95D91C4-C539-4458-A6C9-8AE17207AE30", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e7530:*:*:*:*:*:*:*", matchCriteriaId: "37F9D218-8198-42C7-88FE-7C5382138324", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:e7540:*:*:*:*:*:*:*", matchCriteriaId: "CF8FDD81-95EE-4241-93C8-925085A4CE7B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:ec5509:*:*:*:*:*:*:*", matchCriteriaId: "614D9E35-10E0-4CCB-B817-C7C8C3947BE4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:ec5539:*:*:*:*:*:*:*", matchCriteriaId: "F75F987E-F4DB-46FF-B048-21B4A4C07B10", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:ec5549:*:*:*:*:*:*:*", matchCriteriaId: "05376F2C-30B6-406D-90F7-6C2E00E85171", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l3406:*:*:*:*:*:*:*", matchCriteriaId: "CCDD3DF6-24BF-4C13-8F07-AF07327E5622", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l3426:*:*:*:*:*:*:*", matchCriteriaId: "B1520A64-2157-45D7-A135-F900798C4EB5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5506:*:*:*:*:*:*:*", matchCriteriaId: "05A30F85-5367-4369-B7A5-176D71279FC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5508:*:*:*:*:*:*:*", matchCriteriaId: "B8803FF9-48D7-4AB0-8A17-4590CABD0BFD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5518:*:*:*:*:*:*:*", matchCriteriaId: "1DC63B6B-5D6D-477B-9125-007F835981B4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5520:*:*:*:*:*:*:*", matchCriteriaId: "BF385AC9-963E-4670-95A6-BE1EBC3890B7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5530:*:*:*:*:*:*:*", matchCriteriaId: "943FA088-2902-45A9-A1BA-D612B46A50D9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5609:*:*:*:*:*:*:*", matchCriteriaId: "8C80902D-9A6C-47D4-B56F-35C378FC0E63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5618:*:*:*:*:*:*:*", matchCriteriaId: "1100B46C-8485-4048-BFF8-2BAB311EC04A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5630:*:*:*:*:*:*:*", matchCriteriaId: "4B9E1646-E154-41BA-B9FA-0839A898023D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5638:*:*:*:*:*:*:*", matchCriteriaId: "03F4C8E6-0043-41A8-94EA-EEBAA1A081E7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l5640:*:*:*:*:*:*:*", matchCriteriaId: "31C10985-CBF7-4717-A7D6-2594887D7CB7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l7545:*:*:*:*:*:*:*", matchCriteriaId: "8C49886C-B6A0-4D95-8533-329FE5A66F6B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:l7555:*:*:*:*:*:*:*", matchCriteriaId: "0788CF23-3FAF-44C9-9AAA-96E4818A1AEC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:lc5518:*:*:*:*:*:*:*", matchCriteriaId: "24AF7001-64D1-4BFB-9280-0BA0FAD97A0A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:lc5528:*:*:*:*:*:*:*", matchCriteriaId: "8C6E420E-16DA-4FB1-9968-C93E229614FA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:w3670:*:*:*:*:*:*:*", matchCriteriaId: "07469E04-B3D2-41FE-A2E4-E25A977026CD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:w3680:*:*:*:*:*:*:*", matchCriteriaId: "60FF402E-5E4F-414A-A3AB-149548303616", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:w3690:*:*:*:*:*:*:*", matchCriteriaId: "79E2B875-A270-45C0-A1B1-041264E5B290", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:w5580:*:*:*:*:*:*:*", matchCriteriaId: "8C828C8C-7ECB-4167-87A9-0F522C400C66", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:w5590:*:*:*:*:*:*:*", matchCriteriaId: "0C2C887F-1EF7-468A-A6AE-440793C78DAC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3430:*:*:*:*:*:*:*", matchCriteriaId: "6F2F3D7F-D884-4ACD-A103-060F57A9867B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3440:*:*:*:*:*:*:*", matchCriteriaId: "BD1FCAAD-7072-45EC-9ACB-08556458BAF6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3450:*:*:*:*:*:*:*", matchCriteriaId: "C4446224-40E8-4AD0-8197-921D3473E19B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3460:*:*:*:*:*:*:*", matchCriteriaId: "4EA159D9-8C7F-4BE5-9093-A21C7D00F7EA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3470:*:*:*:*:*:*:*", matchCriteriaId: "B92B68FD-771A-4401-8B1D-B1A252356F62", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x3480:*:*:*:*:*:*:*", matchCriteriaId: "1B933941-0BE3-4EEB-8FDD-2DAA63343EE5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5550:*:*:*:*:*:*:*", matchCriteriaId: "8D060EF0-B29C-4B54-86A0-FD5CFF7B80BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5560:*:*:*:*:*:*:*", matchCriteriaId: "36F737C1-6011-42D2-9690-CA81EA0A283C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5570:*:*:*:*:*:*:*", matchCriteriaId: "19CA7EB6-D1C9-48D9-A69A-2618800A6CE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5647:*:*:*:*:*:*:*", matchCriteriaId: "0CA1F3E5-ED7F-4E4C-AD0D-0EEC542A9E51", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5650:*:*:*:*:*:*:*", matchCriteriaId: "ED6E3C9B-A661-4B37-B76D-A3F7BD638D4A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5660:*:*:*:*:*:*:*", matchCriteriaId: "56C909B0-8FB2-4220-AF93-EECB8D650CC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5667:*:*:*:*:*:*:*", matchCriteriaId: "FF36BAD0-A762-4F84-BE0B-060FE666ED67", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5670:*:*:*:*:*:*:*", matchCriteriaId: "007337CD-94FB-4ED9-B4A3-9E0EC52D79B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5672:*:*:*:*:*:*:*", matchCriteriaId: "BCDFA137-F1FC-46BD-9872-D62671B1434D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5675:*:*:*:*:*:*:*", matchCriteriaId: "2E6DBCB3-E912-43A1-914B-5C7CCFAADE25", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5677:*:*:*:*:*:*:*", matchCriteriaId: "0FCF36E2-0B42-4F23-97D6-9E79ECCA8FAD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5680:*:*:*:*:*:*:*", matchCriteriaId: "E2C67312-E128-4833-A91E-D7A9F96A7AD5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5687:*:*:*:*:*:*:*", matchCriteriaId: "3F19F408-FABD-4A68-8CDC-C763F0321FB1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x5690:*:*:*:*:*:*:*", matchCriteriaId: "68A06EC2-E491-4CD5-9904-61A88EBB7FD5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x6550:*:*:*:*:*:*:*", matchCriteriaId: "789A8CAE-8D9E-4244-880D-FBE28EC53AED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x7542:*:*:*:*:*:*:*", matchCriteriaId: "F901EE11-D0C9-46F6-8316-D8F4F1D50260", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x7550:*:*:*:*:*:*:*", matchCriteriaId: "E549F600-B9CE-4843-A772-2DACC528903E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon:x7560:*:*:*:*:*:*:*", matchCriteriaId: "3F28E733-87ED-4610-A8EE-BD37BED7685B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*", matchCriteriaId: "5DB488DD-D97C-4E21-A055-E6CECBBBC34E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC12C97-9966-40E2-8B23-B4453EC9EA6A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*", matchCriteriaId: "2832E8BF-7AC7-444C-B297-66F770860571", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*", matchCriteriaId: "44AA72FB-E78D-419E-AA82-B0538C6504D3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*", matchCriteriaId: "687C3BF3-D71A-49AD-8A05-EAC07CBCD949", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*", matchCriteriaId: "90AF90D9-16C4-4F8A-9868-3E2823E3445C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*", matchCriteriaId: "3C063C53-8970-45B1-85F8-FB2080BF4695", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*", matchCriteriaId: "64596ED7-794A-4D23-987B-D9AD59D48EA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*", matchCriteriaId: "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*", matchCriteriaId: "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*", matchCriteriaId: "A561A8E8-79E2-4071-B57D-590C22EF86A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*", matchCriteriaId: "92E46658-60AB-4758-9236-3AC0E6464383", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*", matchCriteriaId: "207B8FBA-E2FF-485A-9AD9-E604AE0FB903", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*", matchCriteriaId: "33F99640-C753-40BE-A0A1-4C2D92E7DB09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "BA1EC6D3-01CD-4CAB-817D-AE2E72FD0D03", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1125c:-:*:*:*:*:*:*:*", matchCriteriaId: "6F98247B-1839-4676-855B-827A4B6C016B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FDBA35BD-1048-4B6E-96B2-1CFF615EB49A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220:-:*:*:*:*:*:*:*", matchCriteriaId: "E6CEEEE2-D6A2-4342-8A73-934093948824", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "979FEE9F-A957-43B6-BB6D-1A851D6FA11C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1A7AF59D-D05E-47F9-B493-B5CD6781FDDD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF7EC93-0170-45A9-86C7-5460320B2AE9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*", matchCriteriaId: "B5F803AC-DCC7-43FC-BEB3-AA7984E0506C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "560993AA-299D-42B7-B77F-1BD0D2114CCB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1C582B1C-1DAC-48FD-82DD-7334C10A2175", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*", matchCriteriaId: "D7862B0C-2C44-4110-A62A-083116129612", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "048C5996-F719-4338-B148-0DD1C13E02FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0196DA2F-CFA7-44D0-BDF5-37C7403E3B9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "4B9FF7FB-AB5A-4549-8C15-E69458C649E2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEF6608-B650-4C77-9823-0AD57B3484F1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "4BE6A2D7-901C-45F9-B487-D674047D522E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*", matchCriteriaId: "DCFCAC5E-6CF1-4EC1-A24C-688DD1016A96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "1ADCB509-5B0E-4592-8B23-EC25A3F79D41", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "FB51691F-089F-4016-B25E-238074B06C0D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7E1AFD-9BCE-4487-A8DE-F9C60529CA7A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "7EA37503-FD3D-4220-933C-234631D6EDEF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*", matchCriteriaId: "72992831-2A76-456B-A80C-944BDD8591E4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "A79C2131-5566-4CC2-B6ED-38E3F6964500", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*", matchCriteriaId: "60BFDAA6-3DFC-4908-BC33-B05BAB462F94", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "B6266056-770A-4E2D-A4FC-F1475257648E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "929AA8F3-8BDF-4614-9806-6D4231735616", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "605D7552-8184-4B11-96FD-FE501A6C97DD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3144BBDE-CC96-4408-AA02-ECC3BF902A34", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "1B8BA77A-34E3-4B9E-822A-7B7A90D35790", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E7165B43-ED22-4714-8FA4-1E201D1BFA69", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "67CFB133-FAF0-431A-9765-8A9738D6D87C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*", matchCriteriaId: "2975B0F2-DB7C-4257-985A-482ED2725883", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "70221E07-3C2E-4A82-8259-AD583EB5CDDD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "427DFD78-56CD-43C4-948E-F53AF9D669F3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "75AD7649-3FEA-4971-9886-6C9312B937A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B4EE972C-6BAE-4342-BA01-1D685487F9C3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "27CDFE3B-C064-49A9-BD43-3F7612257A74", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*", matchCriteriaId: "3BD0EEC1-D695-41A5-8CD6-9E987A547CC4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF25B8-D474-4C6B-8E45-F57DDC7074E7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "3DF18FD1-6670-4C3C-8000-A079C69D575E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "D760EEAF-5CF5-4F25-8FA2-D4F75F4F5A91", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "921EB5A5-F911-4FCE-A6F1-C66818B34678", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "13878C13-1C7C-4B83-AF27-4998E8F659DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*", matchCriteriaId: "023063E1-2DD7-487C-A8A7-939FAEE666A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "77255CE6-D7B7-4B48-993C-7100A1170BC6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B40AC368-3A14-4EFF-A8D0-7EFB4C83045D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "C07E80D5-70A5-49C9-9044-D683C7ECCFF5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "63668AF4-F29C-4424-8EC5-2F0A5950DD58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275:-:*:*:*:*:*:*:*", matchCriteriaId: "E86616FE-0C3F-4984-A364-8A6A9F01DAD1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "09C1C7CD-538D-4D7A-A81C-10DF5376A479", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5922F749-2B23-44B8-8A46-F31BCAEAD279", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "D75D0EEB-707C-4C86-A569-E91E9F00BA77", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "F0FB0E20-0243-40A1-8DEF-37150791222E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "68CFF26D-8AD3-4179-9E4C-F06D7C858C9A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "7541572C-229F-4963-B7F0-06EB3323E53B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*", matchCriteriaId: "85DE669C-27FD-4196-8B8C-1DA4EE4C1D6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "479F7C77-D16F-4E40-9026-3EB8422E0401", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "7A242AC2-9AA6-43FD-90F4-5BF6E80DBB5E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "04DB08C8-0018-4A8E-A206-097BDDF83B08", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "B7193E85-30BE-42D5-A26B-3F88817F3574", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "446E8515-45FC-4B8B-8D12-60643D64C07F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EBBDF6B2-D388-4639-87D8-064AA3F6B6FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB8B6-B614-4EAA-BA90-C5326CB5D07A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "2A371DF9-E224-404F-99C2-C2A4607E62D8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0F40E356-365D-44B7-8C38-A0C89DDD6D3E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "A3132029-89F8-4359-A0DC-A275785266A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "B02F5685-0636-48AB-B222-434CA1F3B336", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "E51FDD60-88E5-4A86-BB8E-4C2D7EDEFA03", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*", matchCriteriaId: "3ED4693C-DECF-4434-90C0-56158F102E7E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "BB408A6B-0842-43DA-9180-B0A299FCBCE6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "6215EBAC-7C75-4647-9970-482120897F1F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "8D1FD6E8-80EC-461F-9ED1-CE5912399E80", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E96F585E-BDEF-45EE-B0AB-94FE23753AC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*", matchCriteriaId: "3279C067-3058-4D46-A739-05404FD0E9B5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*", matchCriteriaId: "DB4DF0A7-8BC2-48AE-9036-FED6EEC57DF3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*", matchCriteriaId: "C0855225-F501-486A-BD03-2A86FD252B5A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*", matchCriteriaId: "214C7B0C-C438-4000-9F9B-6D83294243AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*", matchCriteriaId: "4C91AA2E-4BB2-49C8-9364-4E363DF42CB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*", matchCriteriaId: "DA26781F-5A1C-4DA5-835E-D984D697F22B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*", matchCriteriaId: "2EEA4222-F25D-4457-80AA-6D05CA918D68", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*", matchCriteriaId: "9F3E60D1-5CF9-4F96-9EDB-D87F8CF57272", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*", matchCriteriaId: "F4D321BC-6B1D-4C71-8E16-5A1319CEFD6C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*", matchCriteriaId: "6777AC35-9D1F-4153-94AC-B25627D730E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*", matchCriteriaId: "A5F063F4-8994-4E46-BA7B-A12A112009BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*", matchCriteriaId: "4D6F2DE5-AF11-439A-8D37-30CB882ECD58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*", matchCriteriaId: "E213DD86-5419-42C8-BF38-7795DDB3C582", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*", matchCriteriaId: "A972291E-5231-439D-873B-2F87BCAF800A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*", matchCriteriaId: "C089CC54-3229-43D7-AA15-73CFA1A43EE3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*", matchCriteriaId: "EF268D83-C15D-4559-A46F-844E1D9264F0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*", matchCriteriaId: "CFE97C0D-3EA1-4314-A74A-7845C7778FB7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*", matchCriteriaId: "34293F29-F327-4ADD-BF62-78F63F79BB96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*", matchCriteriaId: "528C0A46-1CC4-4882-985A-0BB41525BC6B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*", matchCriteriaId: "643F3522-A452-4927-944D-532574EC4243", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*", matchCriteriaId: "58F40B78-4DBA-44EE-8420-086789EFF53D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*", matchCriteriaId: "423BFD8F-4B50-43DA-9979-75FD18FBC953", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*", matchCriteriaId: "8BAD4A68-0481-476F-BBBD-3D515331368C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*", matchCriteriaId: "838CEB7C-7C4C-416C-86CE-6E8DD47EF25B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*", matchCriteriaId: "CC7D021F-3C97-45B3-B1F7-0AC26959F22B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*", matchCriteriaId: "4A31AEF3-448D-417B-9589-4BA0A06F2FE8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*", matchCriteriaId: "F7A1D96F-7FFD-413F-ABCE-4530C3D63040", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*", matchCriteriaId: "FDB2B08B-D3C7-4B82-B170-471D6CDEFAE5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*", matchCriteriaId: "4B8343FE-1320-40AE-A37F-70EF1A4AC4B7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*", matchCriteriaId: "CD42BA5A-7DA0-409D-8685-E43CF9B61D9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*", matchCriteriaId: "A5FF80E9-CF28-4EF6-9CFE-4B500A434674", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*", matchCriteriaId: "7896A6C6-5918-4C27-85AF-6FEEFC7F8FD6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*", matchCriteriaId: "647B77A4-2F49-4989-AF43-961D69037370", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*", matchCriteriaId: "805B1E33-F279-4303-9DF3-C81039A40C1C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*", matchCriteriaId: "B971EA9E-AE5C-4A1D-AD55-8241F7B38C9C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*", matchCriteriaId: "DE7E0AAE-6539-4024-9055-BE0BAD702143", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*", matchCriteriaId: "7F1A8828-0765-4799-AD6C-143F45FAAD23", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*", matchCriteriaId: "12D34618-1CCA-405B-A49C-EB384A09C2C6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*", matchCriteriaId: "575D6061-66BC-4862-BC84-ECD82D436E2A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*", matchCriteriaId: "56B6EE64-1AD4-46B2-BA65-BB6282E56EB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*", matchCriteriaId: "11650B45-0BDA-42BF-AEF3-83B48DD6A71D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*", matchCriteriaId: "BD3C92BA-827B-48AF-BBB3-FB60A9053C22", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*", matchCriteriaId: "AC097E24-F6C9-40D9-95E9-7EFDFA61AFF5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*", matchCriteriaId: "5EB44CA7-DFE6-4B1A-9A63-97AE30017E49", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*", matchCriteriaId: "4B305EFA-6226-412C-90EE-F0691F2DDDE0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*", matchCriteriaId: "7F3874FA-63CB-4B5D-8B64-CE920320A4E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*", matchCriteriaId: "0800ED17-50E4-43F3-B46C-591DFA818BA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*", matchCriteriaId: "A46B0405-F301-4209-8766-6E12EAFAD157", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*", matchCriteriaId: "F99F9F1F-A967-4884-96CF-4488102DC0A2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*", matchCriteriaId: "DA9B37AD-4599-425B-B39F-E571F4975266", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*", matchCriteriaId: "C5A5F1CF-A1E6-45F1-8B09-36566778DB57", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*", matchCriteriaId: "698C8A49-888B-4675-B3B0-25EDE2FD515E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*", matchCriteriaId: "70D98F97-8EF4-48B5-84BE-C3CC27031FDA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*", matchCriteriaId: "B473D1FA-909B-492E-9C5B-94B0E20E1C0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*", matchCriteriaId: "BFD5EA7E-322E-4CE6-89D4-7DB1055C9034", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*", matchCriteriaId: "67836379-4E1A-45CD-9506-7D3F612E47C8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*", matchCriteriaId: "5B1BBC61-8664-4452-93A7-DDB4D2E4C802", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*", matchCriteriaId: "C4F1B50C-FC5F-47F4-87BC-60E1BD3DD1F2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*", matchCriteriaId: "044F0375-DF2F-4D9B-AD7E-473D34165E8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*", matchCriteriaId: "2CEE9B72-5C4C-40C0-A8A7-9DF11655DA43", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*", matchCriteriaId: "4A0655CA-A88C-4632-9A18-560E3F63B2F7", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*", matchCriteriaId: "8C1454DD-DA51-4CBC-8BB2-09D5AB5777DB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*", matchCriteriaId: "C6965851-3B29-4C21-9556-97FD731EAA85", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*", matchCriteriaId: "52984FD2-44E0-4E91-B290-0376737EEF6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*", matchCriteriaId: "4C5D92E2-E718-4247-BA5D-DFE86C0F6AAE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*", matchCriteriaId: "DF933366-7503-4F8D-B7AA-F6A16210EC37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*", matchCriteriaId: "4E2DAF5D-5BB7-49C6-8426-8B547505B6FC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*", matchCriteriaId: "3EABB21D-D021-434B-B147-CAF687097A5B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*", matchCriteriaId: "7609424D-95F1-4493-A20C-B1BA4EC6439D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*", matchCriteriaId: "966DC636-C802-4D9F-8162-652AFB931203", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*", matchCriteriaId: "A75794EB-A5AF-43F0-985F-D9E36F04C6D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*", matchCriteriaId: "31C2CFF0-98FD-4A0D-8949-D554B2FE53D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*", matchCriteriaId: "05F9217F-5028-4659-AA8E-F60548DE4D52", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*", matchCriteriaId: "4AC769DC-CF2E-4A3C-A610-264F024E6279", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*", matchCriteriaId: "9B2B1CBF-D155-49BC-81A4-4172F177A5C2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*", matchCriteriaId: "370B2B32-519E-4373-8A04-5C5025D688BB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*", matchCriteriaId: "83D9B562-C279-4A55-A347-F28FC4F9CD12", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*", matchCriteriaId: "2A8C2BA0-48A8-4107-8681-A7C34C553D8C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*", matchCriteriaId: "B1B009DE-A82F-4569-9B42-EC1EC4DA8A40", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*", matchCriteriaId: "683B6E83-37FF-4F9B-915F-059EBB29DB53", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*", matchCriteriaId: "E218718F-4BE6-48B0-A204-9DD4A932A654", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*", matchCriteriaId: "FB0AB327-B60A-473C-9D36-97766EE62D7D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*", matchCriteriaId: "3DA249EE-4786-4E27-8787-5E8B88C2AEB9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "CEBD0529-1CF3-44E5-85B3-19A3323C9493", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D664EE97-07EC-410F-94C3-AEAB2C6A627D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*", matchCriteriaId: "D31DB981-03B1-4A84-8D87-CD407C3C149F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "0CBD155D-89D9-4677-A621-4D7613BE65C6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D02BD0D4-FFFD-4355-97D8-170362F10B9F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "6635781A-2651-4EF2-A5AC-AEEEE63FDE6D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "8DCE6930-760A-48C0-B964-1E3ED6A8517C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "9E52DE90-DF96-4CE7-B8D1-226BA50E4D09", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "C8EB40E7-9B91-4106-B303-2B70AF395BFA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "EAB0D5CD-8AF3-409D-96A7-718641D4B90D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "6E420B0B-0CD5-41C7-B25A-3DB856055F9E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "8B0C295B-0D63-4BE7-830D-D927E00C301C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "605C340D-2220-4669-B827-9009CB099E8B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8791879D-2908-4F57-8DB3-6D24100A9108", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "CEBEDBBA-0427-4DE0-BA8D-737DE7DF80E6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E823DC5B-98BE-4656-BFBF-3A7018F8F213", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "64E8D558-ADE0-4358-9C76-7BD77BF23AA1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "7973B3D0-F244-4E26-88F5-A2D9BF2E4503", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*", matchCriteriaId: "68E6BAB9-CBA4-4362-BC82-00D2C5CC6FB4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "CD3F4BFF-3CBE-4E4B-8B29-B203F99CFD8A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*", matchCriteriaId: "3F5CB567-4F86-4466-BE4D-BFF557ACAE0A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8A52611B-6583-4660-90D7-C9472728072B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "E80C6E89-B57C-47BB-8B95-50C03DFB3B96", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*", matchCriteriaId: "A9AB685B-FEE1-41EF-A046-1B34619E12A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "DB9F6724-967A-4AF0-9896-12BF6164B2CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "FC1116BF-12D7-47CC-98DB-18B200CF9C16", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*", matchCriteriaId: "9FBB28DE-726B-4AF0-88A5-35987E1E648B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA1DB22-8FBF-4CF6-AA96-5B68EE28877D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*", matchCriteriaId: "1880E2B8-5E0E-4603-8D17-3ABA43D28179", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2FAFBB92-1917-4238-832B-195FBE418271", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "91DFDF3F-9A3F-42B8-99A1-A3F76B198358", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*", matchCriteriaId: "8778F972-BF34-482F-9FA7-71A77F6138E1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "8F288BB0-FE7A-4900-B227-BE80E4F4AADF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*", matchCriteriaId: "3A8DC53A-90C6-47FE-89F1-A1FE8B1C07A9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "57E16338-A094-4CA9-B77F-6FE42D3B422C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "4E07AB33-5351-487D-9602-495489C7C0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*", matchCriteriaId: "22115ED6-1707-4840-B0D1-AD36BC0C75A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C7C633BC-831F-4CB7-9D62-16693444B216", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF5EE7E-F41B-44EC-9F69-7963B1BF1FB0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DD501E1-E78F-44C6-8A13-C29337B07EBE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*", matchCriteriaId: "9085BA0B-B7E2-4908-90C0-B4183891C718", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "F2267CB8-0EE9-4DBD-AD5F-8A13BB62673C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*", matchCriteriaId: "81971C2F-137A-4F11-8C93-3B99D4CD1B58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "98E0BDAC-398E-406B-B2DB-AE049D6E98B1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*", matchCriteriaId: "FCB66D7E-B465-4A8B-8CBD-7E93CCA2CD6F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "86AFDE6C-DE58-4C4D-882E-474EF6C3D934", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*", matchCriteriaId: "950C6BF9-AA47-4287-AC01-D183237490FA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2355181D-D8EE-4F80-8280-13D5CBCF4779", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5209343F-66B0-4DC0-9111-E2E64CFF7409", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "720109A6-B79E-48E1-9AE7-7708B154788E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "82FF0DBD-AE13-4232-80F7-F4C2E2CC9721", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E944ED-8C02-46B8-BF95-0CE4C352753B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*", matchCriteriaId: "77AEA3D1-4846-46E2-9B80-20B19F00DC11", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "1576978F-E93D-4A47-90B6-6A4E3A7DE558", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "0D339FE5-001F-4005-88A5-CFFE37F9B63E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "1BDABA86-497E-497E-A5BA-46F913A4840A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "DD886F4C-DB6F-4DDD-9807-8BCBB625C226", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "9E16912A-7F6A-4A2B-B70F-D1FCD34BC7DB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "F4C454B7-E5F4-4AAE-B577-FD71FA002C8A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*", matchCriteriaId: "38BE2781-3A06-4D62-AC8B-68B721DA526B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "E9AE4EA5-B8C8-4AE2-9614-F9DBDB4D79DC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "2DA23772-2EB8-4BEE-8703-26D967EC4503", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "72DC766A-B1F9-4B83-9F9B-CF603EE476BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EA594740-43C5-4F42-BA5B-00CA8AE7BB60", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "572B16E2-8118-43A0-9A80-5D96831D55FD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9FB5C551-BADC-4A3A-93E5-2EBCA0704C51", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "5383B7A3-1569-4FEB-B299-B87CE8C8A87B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "A05BBDE0-6C47-4489-9455-7DA7D230ECA1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*", matchCriteriaId: "1789AA69-EA31-44D1-82E6-228E48E18586", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "B4A7D5FF-3B1F-4C64-BB81-7A349765520D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "D93A92E9-C8D2-4F6E-A5CA-E8AFFEEC7E13", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0F0498B3-393A-4C32-B338-E6014B956755", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*", matchCriteriaId: "C451F752-6869-4AFA-BAE5-5C9A54427BF2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "83710FD1-099B-436D-9640-061D515E10BA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "517B71CE-6156-40E1-B068-A2B733E205E3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "11DEEEE5-5055-4CE1-962C-C5F075F4CC02", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*", matchCriteriaId: "8718DDAB-3208-48CF-9BCE-54DA1257C16A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1AA901-E822-4240-9D82-C9311E4F87B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C1CDE3DF-8E79-4997-94EB-B517FFCAE55C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "12A0DE13-EB0B-493B-BC84-3AEB3D454776", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*", matchCriteriaId: "1727697B-1F59-4E29-B036-C32E9076C523", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "E69E827C-C0D0-46C7-913A-1C1E02CEAACE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "2528F3F9-34DC-41DA-8926-382CB3EF5560", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "E452C262-5A8D-4D97-BC7F-A4F5FF53A659", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*", matchCriteriaId: "9D57BF69-D750-4278-98AA-976B0D28E347", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "76ADAE30-6CAD-4F5B-B6F7-C18953144C63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "8A25D792-E21D-43EE-8B9D-67DE066DE5DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "2C669783-C058-4B4F-BB9A-84B2C4682247", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*", matchCriteriaId: "159B088B-9A85-4CAA-854A-AA080E528F95", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "FBE74A94-FE8F-4749-A35A-AB7D57E24913", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "990AC341-0E67-4A81-87E9-EE3EFD9E847E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "53BC18B0-58F1-4477-9978-CA7383C197FB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*", matchCriteriaId: "474992FB-842D-4661-A565-44AF2CD78693", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "476E1B79-5342-4895-96D7-E97DFC1F5334", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EBD318D5-89A6-4E28-939C-C5B61396806B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*", matchCriteriaId: "981AD3FF-1D14-4ECD-8B6F-BCEB7F2409AF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*", matchCriteriaId: "A32C7E89-32ED-4328-9313-FA7D3DDBDC58", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2792EED8-2CBD-478E-BC09-05FE830B3147", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*", matchCriteriaId: "97B1AF2F-6E48-4DBD-A60E-3088CA4C3771", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*", matchCriteriaId: "34E1691D-65B3-45E4-A544-8B29E38D569D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*", matchCriteriaId: "E42F2703-B8AB-410E-AF7B-CD0BE777F061", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*", matchCriteriaId: "31244C94-00A3-499C-A91A-1BEF2FB0E6B9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*", matchCriteriaId: "878FF6E8-8A6D-44CE-9DD1-2C912AB8A193", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*", matchCriteriaId: "5078A95B-2BD8-4A37-A356-F53D1A53CB37", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*", matchCriteriaId: "0BFE67CD-DE53-4C4E-8245-35902AEFA6E8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*", matchCriteriaId: "9F231D31-3AAD-4C5D-A225-D2DF94486718", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*", matchCriteriaId: "5998DF5D-E785-45EC-B8D0-1F4EC4F96D50", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*", matchCriteriaId: "EADFD013-0BFB-427C-98E6-F9E4774DCBC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*", matchCriteriaId: "58620B10-FEA6-456D-B6B5-2745F5DBE82D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*", matchCriteriaId: "E8F698B1-D9CF-4FE5-933D-EFCEA3056E3D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*", matchCriteriaId: "4858A1F0-97F2-4258-AB98-027BF1EC5117", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*", matchCriteriaId: "3C961A8B-EAFD-4F66-9432-BCC0D154ECCE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*", matchCriteriaId: "052DE6CD-A1E7-4E81-B476-66EF451061C4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*", matchCriteriaId: "3BE1AE1E-6FC0-41D8-857C-C5A99CAF5823", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*", matchCriteriaId: "751B3AC8-D45E-46B6-83D5-311B693F3C0D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*", matchCriteriaId: "9588277A-0B97-4408-9CF7-11271CDAADD6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*", matchCriteriaId: "479FE854-85E5-4ED0-BFAF-2618C9053082", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*", matchCriteriaId: "E048B9BF-77C8-49F7-9F2D-9999F79BA264", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*", matchCriteriaId: "6CD16D4D-E816-486D-96F4-5A2BF75B959F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*", matchCriteriaId: "169C558E-1A83-47D5-A66B-035BD1DD56FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*", matchCriteriaId: "D683E509-3FB2-4175-BCAB-4EB1B5C04958", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*", matchCriteriaId: "6FCFA915-5445-4732-9F8F-D7561BA4177F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*", matchCriteriaId: "63A9FD98-C22D-48F6-87A1-60791C818A1E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*", matchCriteriaId: "85F99F24-1783-4E6E-BE61-04C2E80356ED", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*", matchCriteriaId: "74CC7EB9-3F59-4C0A-B3A1-984BCCFB25BD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*", matchCriteriaId: "85289E4C-C813-4677-867D-EE8E98F4A1A3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*", matchCriteriaId: "27C8150F-BEFA-406D-9F0D-E7CB187E26AB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*", matchCriteriaId: "1E807F90-819F-4103-B1F7-4CE46971BD63", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*", matchCriteriaId: "CD93203F-71B9-4F87-B5D8-FD273451C8A2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*", matchCriteriaId: "1E652C74-C48D-4F29-9E85-09325632443F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*", matchCriteriaId: "99158191-3013-4182-8A53-5DFCA1E2C60A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*", matchCriteriaId: "F7E39A3E-7EAE-47C9-930B-58A980B73FC5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*", matchCriteriaId: "FFDA54BA-C00D-4890-9B7F-328257607B21", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*", matchCriteriaId: "1F5EFB1E-334C-4B55-8E2E-6AE19B34774D", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*", matchCriteriaId: "B8260DCA-2F0C-45F7-B35F-D489AF5639F2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*", matchCriteriaId: "7778F81B-6D05-4666-B1D4-53DB0EC16858", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*", matchCriteriaId: "5DC6706A-61F7-4AA0-B2FF-0FFDF739A644", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*", matchCriteriaId: "7EF1B16B-02F2-4ECA-938E-B5CDCFC67816", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*", matchCriteriaId: "3C5501D8-1B0D-4F5A-AFD7-C63181D3281F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*", matchCriteriaId: "1751F0CE-A0D3-40E2-8EEC-D31141FE33A8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*", matchCriteriaId: "5FF9AFA7-BBE8-4229-94CB-5A9596728BA5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*", matchCriteriaId: "E23A777F-68A4-4217-A75A-4D8A27E6451A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*", matchCriteriaId: "2CA27DFB-CDD1-4F52-86B3-DB2320A9C7B2", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*", matchCriteriaId: "392A4337-11F6-4980-A138-4FDBCAD0EBA4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*", matchCriteriaId: "E2E9BB67-F1FF-4190-889F-78B965CCE934", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*", matchCriteriaId: "F4185A70-5D10-448E-A9AB-AA9D5CDF0FF8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*", matchCriteriaId: "35607317-0928-4297-A33E-D44BEE1BBEC9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*", matchCriteriaId: "D48323B1-7FEB-451F-A064-23E7CE7F6403", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*", matchCriteriaId: "29EF4E8A-EF37-4DCC-B5D4-DA89AF31DD18", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*", matchCriteriaId: "F5763189-7980-4A72-92C9-1908FE9E15EF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*", matchCriteriaId: "C53ACD49-DA21-4DDE-A0AA-FCCD59D29886", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*", matchCriteriaId: "4326D350-EBC2-48E6-A2C6-0499F6826CEE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*", matchCriteriaId: "8594E6FE-B6DB-4343-B3DD-AEC19923DAF9", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*", matchCriteriaId: "5BCADA00-E453-414D-9933-FCB43D21BBC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*", matchCriteriaId: "E62212D9-F707-4A8E-AB2A-A3985E7A4049", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*", matchCriteriaId: "561755A8-8AAD-4F41-8266-747EFDAF2D55", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*", matchCriteriaId: "E6F4BB0F-DAF4-479B-B78A-7929C151AA1B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*", matchCriteriaId: "A207312E-1D35-4464-A111-22C4C793E146", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*", matchCriteriaId: "E9B16E32-07D5-445B-BAA5-4E4A0881BFC1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*", matchCriteriaId: "7CF08F6B-2ECB-414C-82D7-C06085BF8B10", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*", matchCriteriaId: "21032BE3-74D8-4C3F-B461-158F475B6853", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*", matchCriteriaId: "2F9AC992-59B7-44EE-9FF3-567AC48938AA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5118:*:*:*:*:*:*:*", matchCriteriaId: "B44B3BFF-649A-4C1E-9564-EFA007FA2BD5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5119t:*:*:*:*:*:*:*", matchCriteriaId: "C04EDD71-15B3-4085-828C-BB7A43DBDCC0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5120:*:*:*:*:*:*:*", matchCriteriaId: "CC1BA7AC-989B-4093-841A-C6D5978BF17F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5120t:*:*:*:*:*:*:*", matchCriteriaId: "1874F848-B15B-4369-A164-5FA11D2B9AFE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:5122:*:*:*:*:*:*:*", matchCriteriaId: "9E46F934-9765-43ED-88A7-A4778C99A976", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6126:*:*:*:*:*:*:*", matchCriteriaId: "380A8F4F-7D1F-4F79-B555-E5AE18EF9F5F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6126f:*:*:*:*:*:*:*", matchCriteriaId: "E8D5217E-9520-4FDB-9330-C8DC2CDDAA70", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6126t:*:*:*:*:*:*:*", matchCriteriaId: "B206674F-1A34-470B-820C-05F9C37792CF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6128:*:*:*:*:*:*:*", matchCriteriaId: "63AE2051-9F8E-4477-8E1E-38A1E06AD247", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6130:*:*:*:*:*:*:*", matchCriteriaId: "6B39281F-990C-4AA3-9287-CCB5BA7E8AC8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6130f:*:*:*:*:*:*:*", matchCriteriaId: "3EDC0FCF-BD22-42AD-8044-9A64215B91CA", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6130t:*:*:*:*:*:*:*", matchCriteriaId: "7E0ED8AA-56D8-4CB6-A765-706BE87C9E30", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6132:*:*:*:*:*:*:*", matchCriteriaId: "AA890C07-7940-4DF4-96FB-8F71A2EFE5C0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6134:*:*:*:*:*:*:*", matchCriteriaId: "E95A34F0-0B74-4031-BC9E-CBC93665BE68", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6134m:*:*:*:*:*:*:*", matchCriteriaId: "4CD3CF38-0DDD-4C1C-B420-4DE0B1C932CF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6136:*:*:*:*:*:*:*", matchCriteriaId: "0BB22DF7-15CE-4340-A05F-BD39FCA41F50", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6138:*:*:*:*:*:*:*", matchCriteriaId: "7BA72DC8-2E4E-453A-A3FB-20F31D32B973", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6138f:*:*:*:*:*:*:*", matchCriteriaId: "758E45B6-7C7A-432D-891D-CB99077AE3B5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6138t:*:*:*:*:*:*:*", matchCriteriaId: "06B3CDFF-B055-4BB4-98FB-DFF4B2E63A29", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6140:*:*:*:*:*:*:*", matchCriteriaId: "26D7A401-BCE1-4673-93C9-67F009B75A39", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6140m:*:*:*:*:*:*:*", matchCriteriaId: "6E62119B-2A65-4473-B570-F118614B0ED6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6142:*:*:*:*:*:*:*", matchCriteriaId: "5E5319E0-909C-4688-AAA6-6A0B5D19FFDF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6142f:*:*:*:*:*:*:*", matchCriteriaId: "8F83F9F9-D2DB-4D40-AD61-29E66B050B45", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6142m:*:*:*:*:*:*:*", matchCriteriaId: "91BE6238-312E-4CF7-9E74-48CB5603B0FF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6144:*:*:*:*:*:*:*", matchCriteriaId: "AC09EB6D-7FAC-4B61-83A5-B0DC18D54EB3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6146:*:*:*:*:*:*:*", matchCriteriaId: "33BA1BE0-0A78-4E94-A619-35735C913180", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6148:*:*:*:*:*:*:*", matchCriteriaId: "3FDD838C-8037-49E1-BAB4-C1D7D29BB9D5", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6148f:*:*:*:*:*:*:*", matchCriteriaId: "24CA40FE-80C5-4A20-8219-CEF51F3162FD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6150:*:*:*:*:*:*:*", matchCriteriaId: "B10305C5-0C2C-48B7-A0AD-2B24AD722EBC", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6152:*:*:*:*:*:*:*", matchCriteriaId: "33E8F127-6EAE-4302-BD52-7C3FCCA307D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_gold:6154:*:*:*:*:*:*:*", matchCriteriaId: "8D675EA9-33E7-45ED-B6A9-7117AD2FEE26", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7210:*:*:*:*:*:*:*", matchCriteriaId: "F6E468FE-73BE-4B20-B774-58EC7CD20CDB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7210f:*:*:*:*:*:*:*", matchCriteriaId: "0FF6B19B-7D45-44B3-8524-407253B93EEE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7230:*:*:*:*:*:*:*", matchCriteriaId: "2B803FAD-E54D-49FE-A078-029B8FFBBB98", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7230f:*:*:*:*:*:*:*", matchCriteriaId: "CC511505-ED67-45B4-B76C-56AB750C4408", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7235:*:*:*:*:*:*:*", matchCriteriaId: "A430C232-79EB-4264-AE24-41D4A2A5D990", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7250:*:*:*:*:*:*:*", matchCriteriaId: "3A9E3D4B-A3DF-4858-8C64-0316B6E57435", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7250f:*:*:*:*:*:*:*", matchCriteriaId: "19108672-E1AA-41CC-B86C-061D3721C8B8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7285:*:*:*:*:*:*:*", matchCriteriaId: "200D36CF-AEDE-4183-8C54-748E6E5A3218", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7290:*:*:*:*:*:*:*", matchCriteriaId: "4CF13A44-5163-4282-8EE8-7DC05499B5E0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7290f:*:*:*:*:*:*:*", matchCriteriaId: "827C12CE-D87D-489D-ABA7-BE0405EC33D4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_phi:7295:*:*:*:*:*:*:*", matchCriteriaId: "16AA78F7-520B-4FFC-838C-DC74FEE8E13F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*", matchCriteriaId: "8CB2949C-4699-49EF-83EB-31199E0CE2DF", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*", matchCriteriaId: "66C169DC-EEFE-4DE6-A3D0-65B606527240", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*", matchCriteriaId: "FD28227A-8888-43B2-BC41-8D54B49DA58C", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*", matchCriteriaId: "7984BAEA-4518-4E17-830E-B34D09648BD8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*", matchCriteriaId: "2C2214E5-491E-448F-A4B6-A497FB44D722", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*", matchCriteriaId: "2AE93013-C262-46A5-8E77-D647881EE632", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*", matchCriteriaId: "85B53CEC-943F-4966-8EC1-CB2C6AD6A15B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*", matchCriteriaId: "EEAC04A3-EBE3-406B-B784-A3547162ECE4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*", matchCriteriaId: "15720FFE-B2A4-4347-BCD7-DFA6774C0B8F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*", matchCriteriaId: "50F46B0E-C746-44B4-B343-E3DCAB4B98DE", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*", matchCriteriaId: "5AE30903-4F75-4D71-A8BB-44D1099E9837", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*", matchCriteriaId: "98311EAA-26C8-4092-8BE5-4E7BEAA68DD4", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*", matchCriteriaId: "DB8CF348-811C-4342-ACB9-AFCABCC34331", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*", matchCriteriaId: "71998EC5-EC0F-496C-B658-3CD91D824944", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*", matchCriteriaId: "A1F19B2A-E7A1-4B97-AC40-02B0D3673555", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*", matchCriteriaId: "CB6387C9-C0A8-4B26-BC62-802775CD0AD3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*", matchCriteriaId: "EFEB0164-77C2-4EC2-92FD-5FCE246119CB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*", matchCriteriaId: "FDB20210-337C-4220-8CA1-F4B2BC54EBC3", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*", matchCriteriaId: "F699569F-4F52-4CC0-90D9-CC4CBC32428A", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*", matchCriteriaId: "CBAED22B-D097-49C4-ADDF-4B3F3E1262D6", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*", matchCriteriaId: "ACF5C3C2-EE69-4DE7-A76C-C797192EE7A1", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*", matchCriteriaId: "7756B588-5A63-4508-8BDD-92DB8CB0F4AD", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*", matchCriteriaId: "316E26AE-67A5-4E75-8F9B-ECF4A03AED51", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", matchCriteriaId: "588D4F37-0A56-47A4-B710-4D5F3D214FB9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", matchCriteriaId: "9070C9D8-A14A-467F-8253-33B966C16886", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:local_service_management_system:13.1:*:*:*:*:*:*:*", matchCriteriaId: "668E2252-2290-41B5-95AB-95FB6092FF8F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:local_service_management_system:13.2:*:*:*:*:*:*:*", matchCriteriaId: "DBD9A6A2-3AE0-46A5-A953-1ADC280C16E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:local_service_management_system:13.3:*:*:*:*:*:*:*", matchCriteriaId: "7511381A-142F-4EC4-9399-86BA8218A6AC", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", matchCriteriaId: "964B57CD-CB8A-4520-B358-1C93EC5EF2DC", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "521AB96C-3C60-44E1-935E-C6037343A3DC", versionEndExcluding: "1.1.7-6941-1", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*", matchCriteriaId: "7C997777-BE79-4F77-90D7-E1A71D474D88", vulnerable: true, }, { criteria: "cpe:2.3:a:synology:virtual_machine_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2F53AB67-1CFA-467B-B2B1-D2447886FECE", versionEndExcluding: "6.2-23739", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4FB76C76-94F1-4109-9BA0-2390112816B3", versionEndExcluding: "6.2.2-24922", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3D0C5120-B961-440F-B454-584BC54B549C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1CCBDFF9-AF42-4681-879B-CF789EBAD130", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:synology:vs360hd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "66FC24F8-1B82-40EC-856A-2EA1736FFE5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:synology:vs360hd:-:*:*:*:*:*:*:*", matchCriteriaId: "C8E2100A-F6C2-4B86-A4D0-08D998BEC86B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp2:*:*:*:*:*:*", matchCriteriaId: "3C04C1B2-B0C7-402D-B79E-B0157E011B28", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp3:*:*:*:*:*:*", matchCriteriaId: "E6334AF0-79FD-444D-BD41-DC8BF90A4109", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "41E76620-EC14-4D2B-828F-53F26DEA5DDC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:*:*", matchCriteriaId: "5A7ED7DD-A7D2-4A71-8415-26103530AB2E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*", matchCriteriaId: "CE80FF2C-0075-4F00-938F-C2C267E950D0", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:*:*:*:*", matchCriteriaId: "CEF98D6C-3C80-4A42-B14B-22D69BC1F4C2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "50E90625-DEB3-49D3-89B6-E9EEFFABD975", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*", matchCriteriaId: "6E24E90D-6E89-439A-8418-440910C3F07C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*", matchCriteriaId: "33AFC27C-16AF-4742-9891-2240A73C6602", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-r7_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "93C10475-AE35-4134-BB87-45544A62C942", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-r7:-:*:*:*:*:*:*:*", matchCriteriaId: "044039A3-2AC7-4685-B671-C9B9FFD4ED6E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-r8_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "477B6938-2314-487E-BB35-354B335AC642", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-r8:-:*:*:*:*:*:*:*", matchCriteriaId: "AE2F2C6D-3F41-4C42-81E2-01A52AD035B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a8_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D44EBD85-6140-41CD-8D26-29554CD2FBA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a8:-:*:*:*:*:*:*:*", matchCriteriaId: "87BC54A8-6CF9-453F-9008-72CBA8C62BC4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a9_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17DD7CB1-76E8-41C3-86B8-E43ECBB5E6CB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a9:-:*:*:*:*:*:*:*", matchCriteriaId: "4437E468-F93D-4CE3-A156-06F631030A41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "03311F2A-30E6-474E-824A-281ED3DE86AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a12:-:*:*:*:*:*:*:*", matchCriteriaId: "40B4D5CE-8DC1-4300-BCF0-71CFB4331B71", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23EADA1F-73E8-4E70-AF90-CE8D26552687", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:*", matchCriteriaId: "F8FDE279-49C3-452A-B9B0-36199C221F95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a17_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D591F3BE-13BB-4006-BE46-E975779DE5E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a17:-:*:*:*:*:*:*:*", matchCriteriaId: "5D90DFDC-0B90-4431-9A23-194A5BC651F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "68D895EC-B0A9-4292-AC64-60673F72C765", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*", matchCriteriaId: "B00CD88D-5649-403F-A55A-BD49427D30FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "38768B2B-F1A3-4A76-8716-9520CA075F3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*", matchCriteriaId: "16E23102-964E-485D-8EFF-4B1BBFE6EDE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7173A6DC-4D4E-424C-A922-C16D67627834", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*", matchCriteriaId: "33B1374D-59E8-4FE5-AC6C-0323AB1DD60D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7A891447-2F1D-48B4-AA47-3CB7EA4FDC7C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*", matchCriteriaId: "7C1DF922-1F46-41A6-A367-E56DD8C4163D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "08CC4E5E-2794-4893-9B45-E14A3F4CF159", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*", matchCriteriaId: "9E4FCA77-71D3-495E-BA2A-2953369E5DCC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:pepperl-fuchs:visunet_rm_shell:-:*:*:*:*:*:*:*", matchCriteriaId: "F926EFFA-6C44-4D99-B1EB-C9EAB63B6768", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:pepperl-fuchs:btc12_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D1F44360-2B5D-4154-9D58-8ACEEF99DF15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:pepperl-fuchs:btc12:-:*:*:*:*:*:*:*", matchCriteriaId: "1574ACD1-F5EC-47C9-97C5-A456E2C1D7F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:pepperl-fuchs:btc14_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD89499-E4BE-4ACD-878C-06EB2BD59FC5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:pepperl-fuchs:btc14:-:*:*:*:*:*:*:*", matchCriteriaId: "9111BA3B-6A12-4974-9B94-548F6968BB8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", matchCriteriaId: "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AAAE5EC4-9BB6-42EB-9B20-9CC3FADB1C8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74B2ACC-6043-40F3-AAEC-BAEC804C7C65", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc12_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ABE50478-AEA1-4DE3-9032-289DC6955634", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc12_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EDAE7D8-7902-46C6-AE2B-8AA76E84417F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc15_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5D8E919-CFBD-466A-A519-9B509A4E3663", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc15_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCA09162-3331-49F6-A183-DDBE51C7F0FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc17_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AB43A6C2-20DD-437D-AE6C-00A20C760CFB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc17_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F230367-F012-459C-AA19-38B2856C12A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E8C44C9C-BA5D-42DD-968C-7D75795A1ABC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "F51A0C40-1A6E-4955-A498-F94EBDCCE0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_2001_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "91424832-CC0F-454D-A77B-3D438D17CAB2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_2001:-:*:*:*:*:*:*:*", matchCriteriaId: "C9544FE3-45A5-4803-A682-305C7BE488E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B2498F2D-5A4B-4893-84E3-1144C6A16F01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE01550-016B-4BBA-9E56-FC18F0D52C82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_3001_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4B39DD6E-EB5B-46AE-9F7E-C3AB8744DC33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_3001:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA86326-3959-40AE-8984-F01B6C49C846", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc15_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "34215265-15D4-4662-9D8A-20E8F48560BF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc15_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "AE66F952-2BDD-4700-AA3B-6CEF7EFBA4F7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc17_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A6EF7D36-9416-4634-AC9F-4115560E450F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc17_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "2A4D7BA0-3715-4E91-A63F-AEA251BA35F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "88F9519E-5640-45EF-8D4D-65E81797B967", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "7E5A7C1F-3F46-4374-9F62-DC7B28020D86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_bpc_7001_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "236A1006-7E56-4D2A-A9AF-C11E98EFBA56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_bpc_7001:-:*:*:*:*:*:*:*", matchCriteriaId: "6ED51E38-43DC-4214-8011-A223D6C03486", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9901BBE2-F9C3-4F5E-82FF-9C84691BF148", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "1E67487D-73DA-4105-B4F8-41A1D54640DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc15_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "772FFDA5-B054-4F97-A399-9A8E4B4830FD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc15_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "FF2DB741-F0D0-4607-A40B-4A9BB97231BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_ppc17_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B647A88-B245-4796-BE42-EEE78D06F500", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_ppc17_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "3622D879-BA40-48B1-89D5-608AA99333A1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_rackmount_2u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "624F92AA-903D-4ADC-83BE-35B4EAE7F740", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_rackmount_2u:-:*:*:*:*:*:*:*", matchCriteriaId: "783D5428-AC98-4C58-AD6F-0D518B695529", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl_rackmount_4u_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69097B1F-C3EC-42FA-8C69-32D9DC430611", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl_rackmount_4u:-:*:*:*:*:*:*:*", matchCriteriaId: "A3F1000E-ECF5-4952-BE18-53DEB7BA8135", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_bpc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "12165D80-E3BA-4254-A3C0-F9785ECEE6A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_bpc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "8631B12E-CE9A-41D2-BE3E-1C2FAF513468", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_ppc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2378F6D3-FF9D-45AD-932C-9ED4B3FE8CFE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_ppc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9E21E1-C9C6-4790-9C8F-153A0AA2120C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_bpc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F999652C-BCCA-4EFC-B859-4D6D995267D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_bpc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "DA4BAB42-0A0A-480D-9DF2-7E99E45A12E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_ppc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86F3E671-D5BC-4FDC-9878-A6FB248E2D1D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_ppc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "1E838BFB-784F-4E36-990E-F50F554FCD15", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_bpc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9E5307-7E77-4002-95EF-7FE4AB32EBCE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_bpc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "A537819A-95AD-406A-960B-A56DF4199B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:bl2_ppc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "962E3CCD-39B6-43DB-A922-CBFE1CA5431D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:bl2_ppc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "F097E450-3E21-429E-8EDE-A20A32E205E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:dl_ppc15_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "60030678-EC0C-4B4C-97DF-8B8EBE1DED97", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:dl_ppc15_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "5A2FE4D0-D0BB-407E-9270-88269BE962C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:dl_ppc15m_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "012D6DF0-E257-48B0-AF01-3226E6065590", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:dl_ppc15m_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C5EFEB19-FCBB-4B6B-BAD2-786608E95E07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:dl_ppc18.5m_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "21FDD77C-F607-48A0-9D03-29CC232213D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:dl_ppc18.5m_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "A21D272B-5DA1-48C4-9C29-60FD1DA3B560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:dl_ppc21.5m_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ADFF99F0-4651-4CC4-8CD5-01DF8929B10E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:dl_ppc21.5m_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "13C2D96C-0AC1-476A-9674-957745E134C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:el_ppc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D06CE4B7-C9DE-4EAF-8F94-2381AC559959", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:el_ppc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F5EF7960-4750-4ADA-B0A6-5B454A6A77E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:el_ppc_1000\\/wt_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6EC378F8-533D-4F7C-99A3-0C2394C99172", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:el_ppc_1000\\/wt:-:*:*:*:*:*:*:*", matchCriteriaId: "7A942215-96BB-4E0C-AFBE-3FF70719B15F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:el_ppc_1000\\/m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8559D73D-1275-4275-93FD-77E252C5E4C5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:el_ppc_1000\\/m:-:*:*:*:*:*:*:*", matchCriteriaId: "7F8F8B95-79EB-437E-A9CB-B5C0A9E395F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:valueline_ipc_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "525798C3-7035-43D1-99FE-653797DECA3E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:valueline_ipc:-:*:*:*:*:*:*:*", matchCriteriaId: "9797EACE-8534-486F-A48B-7509F7906CA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_bpc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "658A8B84-8735-4CB8-9E9F-702786DD630B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_bpc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC14F03D-4C8C-4EB5-A4B9-D1D7364796D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_bpc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7B25B0B2-FFA4-43E4-B61B-EC322E39B084", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_bpc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "92563152-F7DF-456A-828A-F225271F4B43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_ppc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CAC1465C-D4E4-40A8-BC36-FC5FD3F84EB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_ppc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "717629B0-0981-4233-89AB-AF234847B639", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_bpc_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B3684354-FC1C-47A7-9AD7-00AF992B7605", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_bpc_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "1B804BA1-9CD7-45AE-B28D-01337A800213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_ppc_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "054E26F9-188E-4F15-BB1A-8056639C69FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_ppc_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "0C7A6530-9CBF-432D-BA7B-45772C325A02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl_ipc_p7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EE73860-B3B8-4A96-8129-9AF45686F966", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl_ipc_p7000:-:*:*:*:*:*:*:*", matchCriteriaId: "D68B1755-4154-4648-980E-3B998B9621C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_bpc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5CFA0714-60D4-4D6E-95A6-3195F84F3F2E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_bpc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "18B811D9-EC0D-4623-AD5C-2757AD27604F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B6C25A38-9F53-4AB9-A11F-9DF08D7CC9E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "CF2F5EFC-6FB1-44CC-A9FD-BAD6D6A29CD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_bpc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C712CB21-C5C6-47E3-9C6A-E5E280E87062", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_bpc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "51D201C6-1DFD-4A0A-BCD7-024E5ADAFA0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B8CC783-4144-422D-A154-72CC83D83E14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "2FCEF736-BE5C-4BA9-80E0-304D55073F36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_bpc_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "592BE162-B9B4-4CCD-A5CB-4C316B14BFB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_bpc_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "4548FEDD-22AF-4753-A805-0FAA8BA22410", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc_3000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7DD2E38F-01EA-4396-AE9E-B723FFA0E8D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "9DEB26DA-6CA5-4694-AB96-4E376C0D4018", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_bpc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AE2EE280-6E1D-49C5-90B8-FA1940CC6E77", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_bpc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "A0ED092A-9CCC-4794-B8CC-531572B32F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc_7000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A2596D20-A6F7-4FE7-9E94-11965188DB68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AF7632B9-340A-4249-91B3-0C93232B3108", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_bpc_9000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9BD42607-7668-4ACC-94F3-E4C1F510EE38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_bpc_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "DC743E65-BFC2-4149-AB51-F529AB934296", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc_9000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0A1D10-B700-40A2-9A89-DDBD809294DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "CBED3056-BE7E-47DA-9818-4D57E29E7586", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc7_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "67B75497-625B-44D2-8552-F8AA597EA6D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc7_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "AA9B7B72-413E-4B2E-A68C-D5A748CA4CBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc9_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "766B3429-8B60-4774-BFCA-349F59846D6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc9_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "1EC738BF-9BDB-4969-B00E-253D47C583D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:phoenixcontact:vl2_ppc12_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3452BB23-7A21-48F5-971F-9D8C92697B36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:phoenixcontact:vl2_ppc12_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "45335605-EBA7-4C20-A334-A427656FD261", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "766841A0-9E9F-48A6-B815-467734AD7D68", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc1500:v3:*:*:*:*:*:*:*", matchCriteriaId: "CD355D0B-151A-457B-B0C9-7A6314315364", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1511A71-8E8B-4985-8A39-69C801D48BFC", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc1500_pro:v3:*:*:*:*:*:*:*", matchCriteriaId: "F8D4A368-64AF-412B-B5BB-AD6BC84F95C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13EA8C25-9918-456E-B0F5-206081207E98", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc1900:v3:*:*:*:*:*:*:*", matchCriteriaId: "070D8D5D-0703-41BC-8D44-8379409D7CFB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D54BE23-10D8-4FD2-9C0F-49785E55E28D", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc1900_pro:v3:*:*:*:*:*:*:*", matchCriteriaId: "1402705D-BB4B-4639-92A8-B939B6AB3173", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "482C1848-4840-4CE4-B8C1-E387CA672AB3", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc2200:v3:*:*:*:*:*:*:*", matchCriteriaId: "41507D57-119A-4EE6-8F3C-7DB635298F1F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDA0CBED-0140-4319-817C-CAE812EA5815", versionEndExcluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itc2200_pro:v3:*:*:*:*:*:*:*", matchCriteriaId: "74DC92AC-246D-4DA2-85B3-B33EA5839310", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9C4333E-242B-472B-88A6-41669FCE48E4", versionEndExcluding: "2010", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:-:*:*:*:*:*:*", matchCriteriaId: "E84371B8-69B9-4C60-B1AE-9EA89E25961B", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp1:*:*:*:*:*:*", matchCriteriaId: "4CBC4304-6AD9-4C12-B814-76CCCF9EBF0C", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "222D35AE-B32B-4167-9A6D-E88CCF3C823C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*", matchCriteriaId: "E6034789-ABD1-4035-8378-F0BA7157B087", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", matchCriteriaId: "20740117-8BC1-47B8-AA10-8ADF91F1CA86", versionEndExcluding: "8.5.9", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", matchCriteriaId: "133DFB76-70D7-4480-B409-2A657DF3B6AD", versionEndExcluding: "12.5.8", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:-:*:*:*:*:*:*", matchCriteriaId: "B66C5256-6863-4B81-BC82-B76320467449", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201312101:*:*:*:*:*:*", matchCriteriaId: "5D98B374-B2FC-47C3-8376-B9F45664C436", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201312102:*:*:*:*:*:*", matchCriteriaId: "B75207AF-2BB8-4D6B-AF4C-BEB25895BA2B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201312401:*:*:*:*:*:*", matchCriteriaId: "4091C844-6778-46D2-B135-CD4E3FAA0714", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201312402:*:*:*:*:*:*", matchCriteriaId: "7A3308A7-AF6A-4519-92E2-EF5FE6F9C78B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403101:*:*:*:*:*:*", matchCriteriaId: "BB2F377F-7260-47FE-9F50-40374EA1ED9D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403102:*:*:*:*:*:*", matchCriteriaId: "B73A27AE-5483-4F59-9D03-1E65CEFB5EBE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403201:*:*:*:*:*:*", matchCriteriaId: "67E6B861-B758-48C6-9B4E-CA348D4A8D11", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403202:*:*:*:*:*:*", matchCriteriaId: "25D9AB99-4AD7-4765-9832-44180E038BB6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403203:*:*:*:*:*:*", matchCriteriaId: "0AB2650C-DF46-498E-AD6E-549649A20849", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403204:*:*:*:*:*:*", matchCriteriaId: "CE7D5CA7-2D77-4B44-AE53-DF07A9D3E43F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403205:*:*:*:*:*:*", matchCriteriaId: "7E9270E3-F4FC-43ED-BA80-67F321BF33C4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403206:*:*:*:*:*:*", matchCriteriaId: "B687FC8F-DE82-446B-8EB1-3F3193735D26", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403207:*:*:*:*:*:*", matchCriteriaId: "1B710A10-5076-4473-88AE-CA4A9935DF77", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403208:*:*:*:*:*:*", matchCriteriaId: "432C66F0-03FA-4E0A-805F-7505B92C348B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403209:*:*:*:*:*:*", matchCriteriaId: "4B0B6D86-60E9-4193-8E8B-F07DF7410746", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403210:*:*:*:*:*:*", matchCriteriaId: "D17F3263-3107-4785-BF6B-8A62A13FC720", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201403211:*:*:*:*:*:*", matchCriteriaId: "5A86BD5F-3858-4E50-995A-CEBE0C0FC19C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201404401:*:*:*:*:*:*", matchCriteriaId: "0FB7F12A-3C70-41DC-B64F-990316118A07", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201404402:*:*:*:*:*:*", matchCriteriaId: "A1CF97B6-E3AE-47A6-A49F-3BFE66CB87F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201404403:*:*:*:*:*:*", matchCriteriaId: "A644757F-6A6F-49F5-9B81-06F10C5E34EC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201404420:*:*:*:*:*:*", matchCriteriaId: "D84D5E4F-DDBA-42B7-974B-02DCB780E8CB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201406401:*:*:*:*:*:*", matchCriteriaId: "979169D0-0C6E-4B4A-8FEA-FEBE33B09D0E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407101:*:*:*:*:*:*", matchCriteriaId: "20EB85A2-0051-430F-85B8-C2DA446E0AC0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407102:*:*:*:*:*:*", matchCriteriaId: "12156ABC-3724-4F3E-9E38-7C2C896C48EC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407401:*:*:*:*:*:*", matchCriteriaId: "BC573DAD-46D1-473A-B530-862DD301F287", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407402:*:*:*:*:*:*", matchCriteriaId: "08A9F95B-6B7A-4CDE-94AC-3235ED59B1E3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407403:*:*:*:*:*:*", matchCriteriaId: "05F30A0A-DC59-4BDE-9060-BE25E35A21BA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407404:*:*:*:*:*:*", matchCriteriaId: "A6B31963-6FA3-4EC8-9F95-A999EB95B3F0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201407405:*:*:*:*:*:*", matchCriteriaId: "B7DE1928-2F1F-442C-9E10-080AD9BD8D48", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409101:*:*:*:*:*:*", matchCriteriaId: "D52E2286-239F-4486-9FB1-40ABF2C3A4D8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409201:*:*:*:*:*:*", matchCriteriaId: "7D8617AE-22D6-4A9A-864B-6B104AE19826", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409202:*:*:*:*:*:*", matchCriteriaId: "9AE60429-3163-4621-9973-9569C489D0F5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409203:*:*:*:*:*:*", matchCriteriaId: "946564F5-90DF-47FB-B704-434222171F72", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409204:*:*:*:*:*:*", matchCriteriaId: "7B371375-2F70-4A5C-81A1-3D24236EE06C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409205:*:*:*:*:*:*", matchCriteriaId: "2D89D1FB-354B-4F47-9B68-BC88266C603D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409206:*:*:*:*:*:*", matchCriteriaId: "990EA9A7-AA65-41D9-BFC3-987DEB875AF0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201409207:*:*:*:*:*:*", matchCriteriaId: "45930839-7669-46B1-88A8-EC7448CFAA1E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410101:*:*:*:*:*:*", matchCriteriaId: "116EC72C-1639-4E89-8DA5-14F326D8E91D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410401:*:*:*:*:*:*", matchCriteriaId: "56ED6A51-50F6-4181-9FFB-411854102B44", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410402:*:*:*:*:*:*", matchCriteriaId: "013566F1-27AD-408A-9ADE-3D88865FC560", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410403:*:*:*:*:*:*", matchCriteriaId: "B924FE54-CA68-4C95-A9DA-DD37F2B8D851", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410404:*:*:*:*:*:*", matchCriteriaId: "953DC00C-C694-4AFF-AC8D-3EF8F7B2EA9E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410405:*:*:*:*:*:*", matchCriteriaId: "71726A09-D9DE-4063-8B83-35F5E1C15C4A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201410406:*:*:*:*:*:*", matchCriteriaId: "466ADBAF-9B8A-4F46-A061-3892CDFE0BE9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501101:*:*:*:*:*:*", matchCriteriaId: "A5E9B1C7-54CF-4761-ACC4-85D706ECE6FB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501401:*:*:*:*:*:*", matchCriteriaId: "7870F2CD-247B-4F1F-BE7E-B0A73210CB7D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501402:*:*:*:*:*:*", matchCriteriaId: "21D439E5-9283-41F2-A68E-48C27648A4F0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501403:*:*:*:*:*:*", matchCriteriaId: "FE762CF7-9B71-4E79-AF1F-077FF2584F3C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501404:*:*:*:*:*:*", matchCriteriaId: "A86BD94F-D60A-4E5C-808D-F129B2C221F9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201501405:*:*:*:*:*:*", matchCriteriaId: "91CA06BB-2978-48E7-974C-AE588D0B773B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201502401:*:*:*:*:*:*", matchCriteriaId: "AEC96D0F-56B5-4582-8519-5CFD59276221", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201504201:*:*:*:*:*:*", matchCriteriaId: "D8285D4D-9962-42CC-95C6-F5452EA62B11", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201505101:*:*:*:*:*:*", matchCriteriaId: "C715C51F-F1FC-4B92-BF77-EC75882CFE02", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201505401:*:*:*:*:*:*", matchCriteriaId: "F1BA0B41-E7B7-469F-BEB1-73A6A3315BA8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201505402:*:*:*:*:*:*", matchCriteriaId: "26E44694-3121-4F50-9052-BAB42D6B45C6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201505403:*:*:*:*:*:*", matchCriteriaId: "CF156298-D57B-4F30-8895-C3DCE5D8FA7B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201505404:*:*:*:*:*:*", matchCriteriaId: "2485CC85-A58A-41A3-A0C3-F52C82D772A1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509101:*:*:*:*:*:*", matchCriteriaId: "3CB9206E-98ED-472F-8272-3DA2FEA82696", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509102:*:*:*:*:*:*", matchCriteriaId: "83FEB3AF-DB9D-4958-AC26-04C694F0416A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509201:*:*:*:*:*:*", matchCriteriaId: "62A760D9-FEA2-49AD-8250-3A830398ECD6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509202:*:*:*:*:*:*", matchCriteriaId: "43E6E75D-D814-4DAA-9759-6948955501DC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509203:*:*:*:*:*:*", matchCriteriaId: "BEFD9527-F0CA-493B-A894-4BB26AB65F54", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509204:*:*:*:*:*:*", matchCriteriaId: "9DC241D3-4352-4339-8C81-BA7878FD5062", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509205:*:*:*:*:*:*", matchCriteriaId: "D2E50F31-00DB-4724-982E-E39E55E75FBB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509206:*:*:*:*:*:*", matchCriteriaId: "1099C9B4-11A1-4545-8054-5CC247286617", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509207:*:*:*:*:*:*", matchCriteriaId: "8F018232-8B68-4496-A38B-6E1B84F1AA28", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509208:*:*:*:*:*:*", matchCriteriaId: "D0F66CE5-E0BD-41B4-9D36-1C626FFF2141", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509209:*:*:*:*:*:*", matchCriteriaId: "08CB5270-1BD3-48D0-AB8C-B3CF0C52499F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509210:*:*:*:*:*:*", matchCriteriaId: "EC263338-15D1-4F8C-8BE7-494971F31682", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509211:*:*:*:*:*:*", matchCriteriaId: "061C95B9-845F-4235-9ABE-7BD5F555209C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509212:*:*:*:*:*:*", matchCriteriaId: "75EB3FC3-C4C1-4841-88E6-922CADC9B402", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201509213:*:*:*:*:*:*", matchCriteriaId: "FE0F78D7-2139-46AD-9C69-229BA94896D2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201510401:*:*:*:*:*:*", matchCriteriaId: "A630790E-2F77-4C05-91BD-06AB8894A28E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512101:*:*:*:*:*:*", matchCriteriaId: "6A96EA60-16A8-4129-8E2E-B8B5C4F83D39", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512102:*:*:*:*:*:*", matchCriteriaId: "A30EE76C-594A-4DD2-95D5-8E8D8B6D3185", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512401:*:*:*:*:*:*", matchCriteriaId: "D9A31A47-DE48-42AA-B7CD-4661624A50A0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512402:*:*:*:*:*:*", matchCriteriaId: "B0CC39CC-45DF-4461-9219-808CBE68592A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512403:*:*:*:*:*:*", matchCriteriaId: "4FAC6817-6316-4592-8510-02772D3EFF3E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201512404:*:*:*:*:*:*", matchCriteriaId: "711F5017-AEC2-4649-AA8A-6A596591F11C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201601401:*:*:*:*:*:*", matchCriteriaId: "A12209C7-0027-46B1-A8D8-535A631A4FA9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201602401:*:*:*:*:*:*", matchCriteriaId: "8D09CF29-38FD-487F-8597-518F206531BC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608101:*:*:*:*:*:*", matchCriteriaId: "D35EAA15-0DEA-42D8-AEFE-F4CB6BC6CFEC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608102:*:*:*:*:*:*", matchCriteriaId: "BEC12F16-071D-4648-A044-1274CBACE988", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608401:*:*:*:*:*:*", matchCriteriaId: "0763BDFC-0D5D-43E0-BD3C-F6A7D41F53C6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608402:*:*:*:*:*:*", matchCriteriaId: "57160A54-9049-4F31-AF1A-28A18F0EFF95", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608403:*:*:*:*:*:*", matchCriteriaId: "54AD4072-BFAE-4941-8CC3-6DE5E3222DAD", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608404:*:*:*:*:*:*", matchCriteriaId: "9109EB3E-C635-4B99-9BE5-B9FD9C4B5D6E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201608405:*:*:*:*:*:*", matchCriteriaId: "2E01FEF6-8D64-428E-AFB0-FFEB21CCDC39", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201609101:*:*:*:*:*:*", matchCriteriaId: "910B3A6A-F418-4A0E-B612-DECD4900BB14", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201609102:*:*:*:*:*:*", matchCriteriaId: "A6B5E386-0BFC-4F1B-9D1A-E2F31C8A05BB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201609401:*:*:*:*:*:*", matchCriteriaId: "29175BA1-3A31-4E9E-8B52-B078CC33F51C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201609402:*:*:*:*:*:*", matchCriteriaId: "573A99EF-0B6B-41D6-B71F-1C21B1565A3D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201609403:*:*:*:*:*:*", matchCriteriaId: "209AD390-0ABA-4225-9168-A769ED7808DD", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201612101:*:*:*:*:*:*", matchCriteriaId: "C4553BE6-DEDE-4E16-A335-1F8DE5F7B9E6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201612102:*:*:*:*:*:*", matchCriteriaId: "5909ED7E-B49C-42D5-A634-788733D49FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201612401:*:*:*:*:*:*", matchCriteriaId: "21B55E0E-8923-4779-970F-A335C708CD3F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201612402:*:*:*:*:*:*", matchCriteriaId: "D0B9CB8C-8072-46E3-8A6F-41FDB2365436", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201703401:*:*:*:*:*:*", matchCriteriaId: "6C2C8471-D52C-41DF-A96B-E6D0A1E7A070", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709101:*:*:*:*:*:*", matchCriteriaId: "E2A9B43C-51F7-42C6-84CD-B882055915B9", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709102:*:*:*:*:*:*", matchCriteriaId: "9F239FF7-CA1E-4711-A8A8-C1F945366E19", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709103:*:*:*:*:*:*", matchCriteriaId: "7E696E99-6F94-4C74-911A-01162CA34B15", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709401:*:*:*:*:*:*", matchCriteriaId: "0B18A0A1-F28F-4282-B871-06344A674EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709402:*:*:*:*:*:*", matchCriteriaId: "FE2DA304-2C7F-4F5A-A3D0-0DF15E442B1C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:5.5.0:550-201709403:*:*:*:*:*:*", matchCriteriaId: "EEF8BCE8-567E-4392-AD10-4DC4EF93E5CD", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*", matchCriteriaId: "2B9D5E67-78C9-495E-91F0-AF94871E5FA2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*", matchCriteriaId: "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*", matchCriteriaId: "ADC13026-3B5A-4BF0-BDEC-B77338E427E8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*", matchCriteriaId: "6CBA70BA-FFCD-4D2D-AD26-95CC62748937", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*", matchCriteriaId: "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*", matchCriteriaId: "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*", matchCriteriaId: "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*", matchCriteriaId: "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*", matchCriteriaId: "489EE0F6-5510-470E-8711-DC08B4AFB4F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*", matchCriteriaId: "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*", matchCriteriaId: "DDAA48A9-9319-4104-B151-D529E5EBF0F7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*", matchCriteriaId: "D16CD918-5075-4975-8B1E-21D8AD35A28E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*", matchCriteriaId: "7A38CD8E-494D-4E0E-A300-8550FC81FAE4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*", matchCriteriaId: "1F40ABE8-8DED-4633-A34C-00DF5D510E71", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*", matchCriteriaId: "1736B975-089B-413C-8CA0-5524B957EF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*", matchCriteriaId: "0E4DCBF6-7189-497A-B923-08574443172C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*", matchCriteriaId: "16FBA646-0B5E-44A7-BB12-29D5C611AEC5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*", matchCriteriaId: "29F57497-7B48-4D0C-B8F5-8D33062BECEE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*", matchCriteriaId: "ADDE96C7-C489-4D14-990B-8524627A23D2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*", matchCriteriaId: "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*", matchCriteriaId: "08789F9E-CDC7-4F89-B925-92C9E3AE5234", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*", matchCriteriaId: "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*", matchCriteriaId: "621C203B-4B66-49CC-A35D-D7703109BF14", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*", matchCriteriaId: "3261BDEF-D89C-41D9-A360-EC36EAB17490", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*", matchCriteriaId: "5170A4F6-02B7-4225-B944-73DB5A4D332C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*", matchCriteriaId: "62A97DBA-A56B-4F0B-B9C4-44B5166681AF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*", matchCriteriaId: "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*", matchCriteriaId: "DBA6211E-134A-484E-8444-FBB5070B395D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*", matchCriteriaId: "3E7B05B3-4076-4A44-B9A6-A44419F175C2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*", matchCriteriaId: "1A1636B4-6E79-42D7-AA62-5EE43412B43A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*", matchCriteriaId: "0F0377D0-BBED-41BF-80C5-58414ED413EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*", matchCriteriaId: "6495283C-D18A-4DDA-852E-46F2273D6DAC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*", matchCriteriaId: "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*", matchCriteriaId: "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*", matchCriteriaId: "17A84E0A-1429-467F-9EE1-FCA062392DC2", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*", matchCriteriaId: "C591163D-64BC-403B-A460-5B2258EC2F8A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*", matchCriteriaId: "ED932B89-D34D-4398-8F79-AF98987CAFD0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*", matchCriteriaId: "ABD365A0-0B09-4EC2-9973-691144C99507", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*", matchCriteriaId: "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*", matchCriteriaId: "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*", matchCriteriaId: "2FDD5BA0-8180-484D-8308-B0862B6E9DC3", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*", matchCriteriaId: "96A6EB9A-A908-42D1-A6BC-E38E861BBECE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*", matchCriteriaId: "651EDCAA-D785-464D-AE41-425A69F6FFB7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*", matchCriteriaId: "1B3C704C-9D60-4F72-B482-07F209985E68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*", matchCriteriaId: "C1CFE956-4391-4B71-BD0B-96A008A624B7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*", matchCriteriaId: "409778CD-9AB3-4793-A5F5-8D8657F81442", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*", matchCriteriaId: "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*", matchCriteriaId: "0DC45A8B-6DE0-465F-9644-B75A09394F25", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*", matchCriteriaId: "7A265671-BCB0-401A-A1E8-500F9D41492E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*", matchCriteriaId: "83168067-1E43-4186-9B15-3FC702C6583C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*", matchCriteriaId: "8C122DB4-8410-4C4E-87BE-EB3175CE182B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*", matchCriteriaId: "C76ED78D-0778-4269-938E-BB7586C1E44E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*", matchCriteriaId: "7A1F78C5-E995-4E37-83C5-5B6A1D39E549", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*", matchCriteriaId: "7A2E842D-AF37-4641-AD05-B91F250E7487", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*", matchCriteriaId: "A07EAC87-32FD-4553-B71D-181F2C66AE68", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*", matchCriteriaId: "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*", matchCriteriaId: "865D3042-68ED-44B9-A036-9433F7463D6F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*", matchCriteriaId: "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*", matchCriteriaId: "11AE3F61-9655-4B20-96E1-92112BE2BEDC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*", matchCriteriaId: "ECE35166-3019-450B-9C69-484E4EDE5A6D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*", matchCriteriaId: "D892B066-381B-4F46-8363-7BA1647BBCD8", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*", matchCriteriaId: "710DB381-5504-4493-8D0A-17AB8E5A903B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*", matchCriteriaId: "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*", matchCriteriaId: "33CBCA55-010E-4E84-B2F8-F9B53D5A3340", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*", matchCriteriaId: "95A73B4B-F9B3-4D66-9668-902902C73CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*", matchCriteriaId: "8D14D51D-E2EA-4826-8C6E-AF1C15F12384", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*", matchCriteriaId: "BED100A1-9D59-48BE-91D4-0C8F2D678E6E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*", matchCriteriaId: "660B51F2-DFE0-49F6-AD2A-6E94B20F4019", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*", matchCriteriaId: "8BF80536-348A-468E-AC1C-DA53632FCC83", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*", matchCriteriaId: "CFABF302-AC32-4507-BDD9-314854DE55BB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*", matchCriteriaId: "9EDE020F-4FB1-4F1D-B434-6745045702D5", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*", matchCriteriaId: "AA1538B9-E860-46CE-A4CA-1393ECA20D30", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*", matchCriteriaId: "386A6805-6167-47BA-A02F-073DC7E0FE36", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*", matchCriteriaId: "03BA15D8-F7A2-428C-8104-BCEBDE7C1EC0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*", matchCriteriaId: "1CFCFE7B-37E5-4C64-9B43-4F693F227231", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*", matchCriteriaId: "02CFAE22-37DB-4787-96FB-9E0F8EF671E7", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", matchCriteriaId: "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", matchCriteriaId: "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", matchCriteriaId: "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", matchCriteriaId: "F948E806-0F73-4145-A723-7A43BA45842B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", matchCriteriaId: "75FAFF86-C65F-4723-8A63-BACE2F797937", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", matchCriteriaId: "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", matchCriteriaId: "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", matchCriteriaId: "6FA9E337-B4F3-4895-BA58-962F8CDEE73E", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", matchCriteriaId: "830B0BC1-A368-49AC-B6C9-B000972EF92A", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", matchCriteriaId: "614394F3-3BEE-4E12-AABF-436D54A04313", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", matchCriteriaId: "350FD3CE-8B64-4FCF-82DE-BE941156F4F6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", matchCriteriaId: "C9EAE177-6C7E-4C1B-ADEE-2C036F731272", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", matchCriteriaId: "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", matchCriteriaId: "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", matchCriteriaId: "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", matchCriteriaId: "7ACC1A72-F6B6-430A-AB89-AB0A11587F58", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", matchCriteriaId: "45111C74-BF6F-4C05-A0D3-CE325AD0C02B", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", matchCriteriaId: "B1CE5849-01B1-4E36-83E8-496A3F328C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", matchCriteriaId: "A879BA05-3A80-4EBC-AA9D-9B53695425B4", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", matchCriteriaId: "3D65A0E8-A1E0-42F3-B77D-2F32979278BB", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", matchCriteriaId: "80C10150-39BA-4818-B48F-8645D4A0D316", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", matchCriteriaId: "9792B986-86EF-40E0-9427-A45F858717E1", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", matchCriteriaId: "37EDD688-C91A-4A35-913A-82E156ADD242", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", matchCriteriaId: "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*", matchCriteriaId: "47DA50DA-7CA4-4B76-8B3B-A5732509F71D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", matchCriteriaId: "76EB1A04-0645-4909-AEF9-33D6FADA4793", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", matchCriteriaId: "F1A35723-D968-42D6-89EB-86CA550516E6", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", matchCriteriaId: "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", matchCriteriaId: "2D6A3952-8429-4762-8701-47D7C1F05A5F", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*", matchCriteriaId: "5B007609-C312-469B-BACF-04D6D80DADF7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "155A0C39-4D0A-4264-B392-46002908939C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", matchCriteriaId: "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "96AB8C81-F441-4563-B5E0-B738DF4D1C50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*", matchCriteriaId: "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E30BECA7-C45A-423D-9200-98D51BE9C84C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*", matchCriteriaId: "9E376B2A-430D-4D1D-BC28-92CD7E1E8564", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4164A584-6F0D-4154-8FED-DC044CDE1FE7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*", matchCriteriaId: "74C9E6FC-9C40-4105-9FB0-17013E1ABBB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7B37176F-0AF4-4410-9C1F-4C5ED0051681", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*", matchCriteriaId: "D2F2936E-A611-472E-8EF0-F336A19DF578", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5D200C1F-1909-4952-824F-A2D279B9B37E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*", matchCriteriaId: "2FC9F68C-7D65-4D29-AAA1-BA43228C6208", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", }, { lang: "es", value: "Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral.", }, ], id: "CVE-2017-5753", lastModified: "2025-01-14T19:29:55.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.7, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-04T13:29:00.257", references: [ { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", }, { source: "secure@intel.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/584653", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102371", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040071", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-254.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0292", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://cdrdv2.intel.com/v1/dl/getContent/685359", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-002", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-003", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", }, { source: "secure@intel.com", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201810-06", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180104-0001/", }, { source: "secure@intel.com", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://spectreattack.com/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX231399", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K91229003", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/solutions/LEN-18282", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3540-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3540-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3541-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3541-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3542-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3542-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3549-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3580-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3597-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3597-2/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/usn/usn-3516-1/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4187", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { source: "secure@intel.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43427/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_18_01", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/584653", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://xenbits.xen.org/xsa/advisory-254.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0292", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/speculativeexecution", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cdrdv2.intel.com/v1/dl/getContent/685359", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert.vde.com/en-us/advisories/vde-2018-003", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/36", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201810-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180104-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://spectreattack.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX231399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K91229003", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/solutions/LEN-18282", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3540-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3540-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3541-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3541-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3542-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3542-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3549-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3580-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3597-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3597-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/usn/usn-3516-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/43427/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/180049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_18_01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.", }, { lang: "es", value: "La implementación System Only Wrapper (SOW) en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene ciertas operaciones de clonado, lo que permite a atacantes remotos evadir restricciones sobre contenido XUL a través de vectores que involucran el alcance del contenido XBL.", }, ], id: "CVE-2014-1479", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:24.830", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102866", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65320", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102866", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=911864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90898", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.", }, { lang: "es", value: "La implementación Web IDL en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos ejecutar código JavaScript arbitrario con privilegios de chrome mediante el uso de un fragmento IDL para provocar una llamada window.open.", }, ], id: "CVE-2014-1510", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.613", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66206", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66206", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982906", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "E534C201-BCC5-473C-AAA7-AAB97CEB5437", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.", }, { lang: "es", value: "Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 no reconoce la eliminación de un certificado de confianza X.509, lo que facilita a atacantes que realicen un Man-in-the-middle suplantar servidores SSL en circunstancias especiales a través de un certificado que es inaceptable por el usuario.", }, ], id: "CVE-2013-6673", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:13.323", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64213", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-113.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/64213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=917380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.", }, { lang: "es", value: "Vulnerabilidad de liberación despues de uso en la función nsEventListenerManager :: HandleEventSubType en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio ( corrupción de memoria heap) a través de vectores relacionados con los detectores de eventos mListeners.", }, ], id: "CVE-2013-5616", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:12.967", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=938341", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.", }, { lang: "es", value: "Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos evadir el bloqueo de ventanas emergentes a través de vectores no especificados.", }, ], id: "CVE-2014-1511", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.647", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66207", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982909", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.", }, { lang: "es", value: "Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permiten a atacantes remotos evadir restricciones en objetos de ventana mediante el aprovechamiento de la inconsistencia en los métodos getter nativos entre diferentes motores JavaScript.", }, ], id: "CVE-2014-1481", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:24.877", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102863", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65326", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102863", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=936056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90883", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, { lang: "es", value: "Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos.", }, ], id: "CVE-2014-1493", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.240", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66412", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66412", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=896268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=958867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=960145", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=963974", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=965982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=967341", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=977538", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-07-29 13:59
Modified
2025-04-11 00:51
Severity ?
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", matchCriteriaId: "5B178BB5-A0DC-4014-A8CC-D89B0E2F9789", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", matchCriteriaId: "1BE753CB-A16D-4605-8640-137CD4A2BB16", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", matchCriteriaId: "5B5F1155-78D6-480B-BC0A-1D36B08D2594", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", matchCriteriaId: "A11247D0-A33E-4CE5-910A-F38B89C63EC0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", matchCriteriaId: "E9478F4E-451D-4B4E-8054-E09522F97C59", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", matchCriteriaId: "87393BF8-9FE3-4501-94CA-A1AA9E38E771", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", matchCriteriaId: "2FC642B5-ACA4-4764-A9F2-3C87D5D8E9E0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", matchCriteriaId: "A16CE093-38E0-4274-AD53-B807DE72AF91", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", matchCriteriaId: "2FB97DEB-A0A4-458C-A94B-46B7264AB0F1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", matchCriteriaId: "BFDF6597-7131-4080-BCFC-46032138646C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", matchCriteriaId: "881B8C5B-8A66-45AC-85E6-758B8A8153BF", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", matchCriteriaId: "4E2D144E-6A15-4B45-8B15-15B60FB33D71", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", matchCriteriaId: "B5690EC8-66C9-4316-BEAB-C218843F7FCC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", matchCriteriaId: "FBF13572-C341-4FB1-BAFD-AF8F0C5EF510", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", matchCriteriaId: "0B1D9F9C-54C2-485F-9B66-4AEA0573BC2E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", matchCriteriaId: "423211E8-A08B-4254-977A-1917AED9B794", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", matchCriteriaId: "3ABE2712-33E9-45EE-890C-E9FC51D19B75", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", matchCriteriaId: "BD79961B-508F-4A20-AD4D-D766DFB928E7", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", matchCriteriaId: "5E5510BF-3D22-49DA-A4C6-2D6204EB37C9", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", matchCriteriaId: "AD1BC4C7-F72B-43DB-B729-018360F4B281", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", matchCriteriaId: "DB36BD1D-A6AB-4BC8-94C0-FA662622FF26", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", matchCriteriaId: "DFF83126-E2C8-4156-9C28-7E3005A74E17", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", matchCriteriaId: "97D011B3-D9F3-4BC2-9695-A842148EA6BA", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", matchCriteriaId: "8BC43BF9-5C34-4DF1-846A-E416DE9C7DA8", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", matchCriteriaId: "ADD24439-71B4-41AC-85D4-56511445051C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", matchCriteriaId: "B063AE57-D426-4565-B2D9-ACDB0C16C78E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", matchCriteriaId: "CCEA5F9A-A308-4573-BBEB-6B210A61D943", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", matchCriteriaId: "D13D4E84-04EB-4843-A1C4-E3265D1DAC00", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", matchCriteriaId: "434AA05B-1A22-474B-BEA3-CACAD78955F4", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", matchCriteriaId: "E434E995-F554-45A7-A907-EE2725727B82", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*", matchCriteriaId: "CC599FF2-080F-4545-BA31-6F431AA558AB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*", matchCriteriaId: "78BEBD36-7BD1-4686-BF9A-60B85EBF6A80", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux:11:*:desktop:*:*:*:*:*", matchCriteriaId: "1F04848C-31A0-41DF-815D-C200625D8B2C", vulnerable: false, }, { criteria: "cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*", matchCriteriaId: "09D8D0FB-C49A-44AA-B95E-DD82D870A242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*", matchCriteriaId: "0AD242CA-7077-4D79-B399-C3517921E814", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*", matchCriteriaId: "23EF52C0-4E1B-4B50-9AF2-39FA3ABEB4F6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", matchCriteriaId: "A2B96B87-F18C-41EF-9A37-7D0842433A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", matchCriteriaId: "AFA1AA14-4D4A-45D0-9573-D53C0FFFFF78", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", matchCriteriaId: "F5DE1274-F7A1-4F12-A4F5-1CB1DD5B84E1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", matchCriteriaId: "401A7E61-AC3D-417D-97B8-E5E736DC6FCC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", matchCriteriaId: "C7C37F7D-DD28-4C70-A534-A3F434DF4273", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", matchCriteriaId: "B2EC1F99-85C1-4081-A118-790111741246", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", matchCriteriaId: "85D6C9B7-9D5D-4589-AC83-E6ECB535EBFD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", matchCriteriaId: "043A5E3F-529B-4A9A-8531-184EE6D1942D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", matchCriteriaId: "673057D5-256C-4933-B56F-4BF8848323F1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", matchCriteriaId: "C2CE371B-E399-4D74-B46C-3606E4BDA53A", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", matchCriteriaId: "6A3798A1-134C-4066-A012-10C15F103EAC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", matchCriteriaId: "9CA1AEBE-040C-483A-9850-7DA888FF8075", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", matchCriteriaId: "B9A33F04-3240-4268-B613-C4876770A30F", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", matchCriteriaId: "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", matchCriteriaId: "2A7BE793-7717-4019-8F50-158C309E48B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*", matchCriteriaId: "9BE322FB-CC6F-46BA-861C-74C16D7FC791", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*", matchCriteriaId: "9C322F95-B13A-4495-A87E-9295C0169DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*", matchCriteriaId: "C267AE8E-A71A-4AE4-BF93-86C43924E477", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*", matchCriteriaId: "38A3F698-5E6C-40AC-9DC6-FF7478E0440C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*", matchCriteriaId: "C7E1293E-82F4-4401-B3AA-7CB73761E163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*", matchCriteriaId: "3CF1F9EF-01AF-4708-AE02-765360AF3D66", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*", matchCriteriaId: "9899C87E-2C09-46AE-BC24-1ACF012784CA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*", matchCriteriaId: "DD5ECA1A-D9B4-4ED7-95EC-684E7AA2B765", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*", matchCriteriaId: "30C501A1-FE2D-41E7-A5DB-C61D8701B9B4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*", matchCriteriaId: "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*", matchCriteriaId: "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", matchCriteriaId: "D78E559A-430D-4D50-8A83-58A37D393471", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*", matchCriteriaId: "DD6B2A2E-6E8C-40D7-B29F-1FC9E8B1076B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*", matchCriteriaId: "0ADB3AF3-5E13-4EC3-AE3C-128DF51E1DF9", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*", matchCriteriaId: "213ECCF5-4FE2-4FE8-B84E-A1C9AA98F1F2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*", matchCriteriaId: "C52A912B-E7C6-484A-8E15-8208C97B8CB4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*", matchCriteriaId: "D4B097BE-2CA1-4236-AB8F-1151FCC845A9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*", matchCriteriaId: "2916CC4D-4C4D-4232-AA24-90458181EC25", vulnerable: true, }, { criteria: "cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "0175F23D-071B-4791-9349-C85ABB37BF50", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", matchCriteriaId: "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", matchCriteriaId: "811D03B2-96A8-47F9-80BE-54228A4108EC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", matchCriteriaId: "B3D4393C-1151-49F9-963B-B6FD88E93814", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", matchCriteriaId: "25855A5C-302F-4A82-AEC1-8C4C9CB70362", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", matchCriteriaId: "03E68ACA-0288-4EE5-9250-54711B2E6670", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", matchCriteriaId: "8D717D3D-F4BF-470B-AC2B-D1234A7303EB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", matchCriteriaId: "66D259B7-4F9E-43B2-BB1D-3B097D3CDB28", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", matchCriteriaId: "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", matchCriteriaId: "FCC604FD-A834-4BA7-B1E2-1FCB6A583204", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", matchCriteriaId: "479D3C6C-1FD7-4DBE-A841-4B58400A89F1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", matchCriteriaId: "BAF29160-63C2-40D0-BE08-3C8181CD5092", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", matchCriteriaId: "8DAA3942-0979-4D33-BD52-EF7F0403DFBD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", matchCriteriaId: "39D75F93-B6A7-4D25-8147-25F7F867E5B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", matchCriteriaId: "B046CE1D-03E1-462F-9762-9269E59BD554", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", matchCriteriaId: "DAC9049D-6284-40F7-9E97-596FEDF9EEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", matchCriteriaId: "10D06B47-911B-4095-ABD2-DDD38E6306F3", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", matchCriteriaId: "59428551-218B-4C32-982F-DCDC894E2954", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", matchCriteriaId: "961E22DC-1467-4A0C-9450-A2E047FCFCFD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", matchCriteriaId: "DF77CAF5-A8D6-4479-9C4D-A698D26BDC6A", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", matchCriteriaId: "AD318FF1-320B-4311-AF7E-988C023B4938", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*", matchCriteriaId: "BDCC8861-0655-4180-A083-1516AC441A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*", matchCriteriaId: "DB2E6ABE-B1CB-4603-AFC8-BB7BE1AD96B5", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*", matchCriteriaId: "C8FC8393-5812-4032-A458-80C01248B18D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*", matchCriteriaId: "8DEC5C59-44A6-4B48-A84F-22C080CBE5CD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*", matchCriteriaId: "87BAA6BD-4677-451B-B012-F3FF6C95B369", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*", matchCriteriaId: "0E52B0E7-9392-4B08-906F-C47C5CA41044", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*", matchCriteriaId: "BD8E5645-EAE9-43A5-8845-229C403BF93B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", matchCriteriaId: "B64BBA96-FB3C-46AC-9A29-50EE02714FE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*", matchCriteriaId: "E752F93D-ED2E-4458-A12E-47EE62C8DCB1", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*", matchCriteriaId: "F56191B9-387B-4850-BA5F-F73D6AFEFE72", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*", matchCriteriaId: "7547FBB1-AFE8-4DCB-9B6D-0EB719D26FB9", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*", matchCriteriaId: "64DF28B6-C9FE-44AD-9D09-2F154819AFA2", vulnerable: true, }, { criteria: "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*", matchCriteriaId: "1A153230-E0BE-4323-AC73-44E8DCD14A1E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.", }, { lang: "es", value: "La implementación RFC en rdata.c en ISC BIND 9.7.x y 9.8.x anterior a 9.8.5-P2, 9.8.6b1, 9.9.x anterior a 9.9.3-P2, y 9.9.4b1, y DNSco BIND 9.9.3-S1 anterior a 9.9.3-S1-P1 y 9.9.4-S1b1, permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una petición con una sección RDATA manipulada que se maneja adecuadamente durante la contrucción de mensaje de log. Ha sido explotada \"in the wild\" en Julio de 2013.", }, ], id: "CVE-2013-4854", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-07-29T13:59:37.537", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", }, { source: "cve@mitre.org", url: "http://linux.oracle.com/errata/ELSA-2014-1244", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1114.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1115.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54134", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54185", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54207", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54211", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54323", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54432", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2013/dsa-2728", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/61479", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1028838", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-1910-1", }, { source: "cve@mitre.org", url: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01015", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01016", }, { source: "cve@mitre.org", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT6536", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://linux.oracle.com/errata/ELSA-2014-1244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1114.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1115.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54134", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54185", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54211", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2728", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/61479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1028838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1910-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.zerodayinitiative.com/advisories/ZDI-13-210/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01016", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT6536", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-05-23 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opalvoip | portable_tool_library | 2.10.1 | |
| opalvoip | portable_tool_library | 2.10.2 | |
| opalvoip | portable_tool_library | 2.10.7 | |
| opalvoip | portable_tool_library | 2.10.9 | |
| ekiga | ekiga | * | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| suse | suse_linux_enterprise_desktop | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opalvoip:portable_tool_library:2.10.1:*:*:*:*:*:*:*", matchCriteriaId: "31829F37-ECE5-46CF-B7D9-1D9CDE094607", vulnerable: true, }, { criteria: "cpe:2.3:a:opalvoip:portable_tool_library:2.10.2:*:*:*:*:*:*:*", matchCriteriaId: "4864CF35-4A44-43A7-A954-191F5FDA3856", vulnerable: true, }, { criteria: "cpe:2.3:a:opalvoip:portable_tool_library:2.10.7:*:*:*:*:*:*:*", matchCriteriaId: "F9BA5CE2-2473-4F31-8438-1D7FFECD5EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:opalvoip:portable_tool_library:2.10.9:*:*:*:*:*:*:*", matchCriteriaId: "87CC24E3-5CC6-45CC-BC26-E9A0EE8FF923", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ekiga:ekiga:*:*:*:*:*:*:*:*", matchCriteriaId: "8659F6D2-9C7D-40AE-B783-7E5ECD50D28A", versionEndIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "777F6902-6EFA-482A-9A17-48DA5BDDB9CD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\"", }, { lang: "es", value: "Portable Tool Library (también conocido como PTLib) anterior a 2.10.10, utilizado en Ekiga anterior a 4.0.1, no detecta debidamente recursión durante expansión de entidad, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria y CPU) a través de un documento PXML manipulado que contiene un número grande de referencias de entidad anidadas, también conocido como 'ataque de un billón de risas.'", }, ], id: "CVE-2013-1864", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-05-23T14:55:09.630", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html", }, { source: "secalert@redhat.com", url: "http://osvdb.org/91439", }, { source: "secalert@redhat.com", url: "http://seclists.org/oss-sec/2013/q1/674", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/52659", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "http://sourceforge.net/p/opalvoip/code/28856", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/58520", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885", }, { source: "secalert@redhat.com", url: "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/91439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/oss-sec/2013/q1/674", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/52659", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://sourceforge.net/p/opalvoip/code/28856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/58520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.", }, { lang: "es", value: "La implementación de JavaScript en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a 24.2, y SeaMonkey anterior a 2.23 no hace cumplir adecuadamente ciertas restricciones de composición tipográfica en la generación de la matriz de elementos de tipo GetElementIC, lo cual tiene impacto no especificado y vectores de ataque remotos.", }, ], id: "CVE-2013-5615", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:12.917", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-115.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=929261", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-11 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5", versionEndExcluding: "26.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "924CA671-D089-40FA-BE02-6938FD094713", versionEndExcluding: "24.2", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9", versionEndExcluding: "2.23", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD42C60-4027-4EDE-A61B-84C80154A5C3", versionEndExcluding: "24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", }, { lang: "es", value: "Múltiples vulnerabilidades sin especificar en el motor del navegador Mozilla Firefox anterior a la versión 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird anterior a la versión 24.2, y SeaMonkey anterior a 2.23 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos.", }, ], id: "CVE-2013-5609", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-12-11T15:55:07.433", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1812.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2013/mfsa2013-104.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=886850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=905382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=922009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=937582", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-27 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "8B458ACF-17C3-4551-9F11-8D02B6D52B7C", versionEndIncluding: "4.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*", matchCriteriaId: "C9FC685E-4188-4517-BE64-79C86AC6700A", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*", matchCriteriaId: "FE356E03-FE6E-4145-8A30-BD7DEF074B26", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", matchCriteriaId: "863D677A-F877-48B5-B3D4-8B6793BB93AB", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", matchCriteriaId: "3C171088-A361-4950-A397-BB4FD83DBB68", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*", matchCriteriaId: "73424219-E302-4E65-B6F9-225C537EF284", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", matchCriteriaId: "EA04C9F1-6257-4D82-BA0B-37DE66D94736", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", matchCriteriaId: "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.", }, { lang: "es", value: "La función tm_reclaim_thread en arch/powerpc/kernel/process.c en el Kernel de Linux en versiones anteriores a 4.4.1 sobre plataformas powerpc no asegura que exista el modo TM suspend antes de proceder con una llamada tm_reclaim, lo que permite a usuarios locales provocar una denegación de servicio (excepción TM Bad Thing y pánico) a través de una aplicación manipulada.", }, ], id: "CVE-2015-8845", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-27T17:59:05.130", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html", }, { source: "cve@mitre.org", url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/04/13/1", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1035594", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/04/13/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1326540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-19 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "422EC5FE-DA03-4C14-ADED-D6212BE074D5", versionEndExcluding: "28.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "F43E2CDB-F255-4199-A33E-BBFD18BA241C", versionEndExcluding: "24.4", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "097F1C3A-4546-43F3-8CC2-50F8AF05B791", versionEndExcluding: "2.25", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "507FBFAF-784E-4C0E-B959-9380C31EBD1B", versionEndExcluding: "24.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.", }, { lang: "es", value: "TypedArrayObject.cpp en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 no previene una transición de longitud cero durante el uso de un objeto ArrayBuffer, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (escritura o lectura basado en memoria dinámica fuera de de rango) a través de un sitio web manipulado.", }, ], id: "CVE-2014-1513", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-19T10:55:06.693", references: [ { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66203", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0310.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0316.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2151-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=982974", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-02-06 05:44
Modified
2025-04-11 00:51
Severity ?
Summary
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 6.5 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| fedoraproject | fedora | 19 | |
| fedoraproject | fedora | 20 | |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "86B3B84A-9D1F-4863-987C-5C958B05C523", versionEndExcluding: "27.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", matchCriteriaId: "5D5BFC32-48C3-431E-BD30-67BF408025F1", versionEndExcluding: "24.3", versionStartIncluding: "24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "328319A6-42EE-408E-91A8-87156C17AE46", versionEndExcluding: "2.24", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE", versionEndExcluding: "24.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "45010D45-2FF2-4B04-B115-6B6FE606D598", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "F4BC592E-17CC-4DD4-8B2C-CFD99383649C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "B2866FAF-4340-4EA7-9009-6594ADA27AF9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "0EA03350-8702-43D5-8605-5FB765A3F60B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.", }, { lang: "es", value: "RasterImage.cpp en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 no previene el acceso a datos descartados, lo que permite a atacantes remotos ejecutar un código arbitrario o causar una denegación de servicio (operaciones de escritura incorrectas) a través de datos de imagen manipulados, como ha demostrado Goo Create.", }, ], id: "CVE-2014-1482", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-02-06T05:44:24.893", references: [ { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "security@mozilla.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://osvdb.org/102868", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "security@mozilla.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "security@mozilla.org", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65328", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "security@mozilla.org", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "security@mozilla.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894", }, { source: "security@mozilla.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/102868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0132.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56761", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/56922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/65328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1029721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2102-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2119-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "https://8pecxstudios.com/?page_id=44080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=943803", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/90894", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-01", }, ], sourceIdentifier: "security@mozilla.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }