KLA10119
Multiple vulnerabilities in Mozilla
Обновлено: 15/11/2018
Дата обнаружения
22/07/2014
Уровень угрозы
Critical
Описание

An unspecified vulnerability was found in Clam Anti-virus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally at a point related to the OLE2 parser via a specially designed file. Below is a complete list of vulnerabilities

  1. Improper handling of discarded data can be exploited remotely via specially designed image scaling;
  2. A use-after-free vulnerability can be exploited remotely at vectors related to libnss3.so, nsDocLoader and FontTableRec;
  3. An unknown vulnerability can be exploited remotely via specially designed WebGl content;
  4. Multiple unknown vulnerabilities can be exploited by unknown vectors.
Пораженные продукты

Mozilla Firefox ESR 24.6.0 and earlier
Mozilla Firefox 30.0 and earlier
Waterfox Firefox 30.0 and earlier
Mozilla Thunderbird 30.0 and earlier
CometBird all versions  

Решение

Update to latest version
Thunderbird
Firefox

Первичный источник обнаружения
MFSA
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox ESR
CVE-IDS

CVE-2014-1547
CVE-2014-1548
CVE-2014-1555
CVE-2014-1551
CVE-2014-1544
CVE-2014-1556
CVE-2014-1557