Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-1594

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 02 Π΄Π΅ΠΊ. 2014
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: redhat
CVSS2: 5.1
EPSS Низкий

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ выполнСния ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ»ΡŒΠ½ΠΎΠ³ΠΎ ΠΊΠΎΠ΄Π° Π² Mozilla Firefox, Firefox ESR, Thunderbird ΠΈ SeaMonkey, вызванная Π½Π΅ΠΊΠΎΡ€Ρ€Π΅ΠΊΡ‚Π½Ρ‹ΠΌ ΠΏΡ€ΠΈΠ²Π΅Π΄Π΅Π½ΠΈΠ΅ΠΌ Ρ‚ΠΈΠΏΠ° Π΄Π°Π½Π½Ρ‹Ρ… ΠΈΠ· "BasicThebesLayer" ΠΊ "BasicContainerLayer"

ОписаниС

ΠžΠ±Π½Π°Ρ€ΡƒΠΆΠ΅Π½Π° ΡƒΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ Π² Mozilla Firefox, Firefox ESR, Thunderbird ΠΈ SeaMonkey, которая ΠΌΠΎΠΆΠ΅Ρ‚ ΠΏΠΎΠ·Π²ΠΎΠ»ΠΈΡ‚ΡŒ ΡƒΠ΄Π°Π»Ρ‘Π½Π½Ρ‹ΠΌ Π·Π»ΠΎΡƒΠΌΡ‹ΡˆΠ»Π΅Π½Π½ΠΈΠΊΠ°ΠΌ Π²Ρ‹ΠΏΠΎΠ»Π½ΠΈΡ‚ΡŒ ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ»ΡŒΠ½Ρ‹ΠΉ ΠΊΠΎΠ΄. ΠŸΡ€ΠΎΠ±Π»Π΅ΠΌΠ° связана с Π½Π΅ΠΊΠΎΡ€Ρ€Π΅ΠΊΡ‚Π½Ρ‹ΠΌ ΠΏΡ€ΠΈΠ²Π΅Π΄Π΅Π½ΠΈΠ΅ΠΌ Ρ‚ΠΈΠΏΠ° Π΄Π°Π½Π½Ρ‹Ρ… ΠΈΠ· BasicThebesLayer ΠΊ BasicContainerLayer.

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ вСрсии ПО

  • Mozilla Firefox Π΄ΠΎ вСрсии 34.0
  • Firefox ESR 31.x Π΄ΠΎ вСрсии 31.3
  • Thunderbird Π΄ΠΎ вСрсии 31.3
  • SeaMonkey Π΄ΠΎ вСрсии 2.31

Π’ΠΈΠΏ уязвимости

Π’Ρ‹ΠΏΠΎΠ»Π½Π΅Π½ΠΈΠ΅ ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ»ΡŒΠ½ΠΎΠ³ΠΎ ΠΊΠΎΠ΄Π°

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΠ°ΠΊΠ΅Ρ‚Ρ‹

ΠŸΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΠ°ΠŸΠ°ΠΊΠ΅Ρ‚Π‘ΠΎΡΡ‚ΠΎΡΠ½ΠΈΠ΅Π Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΡΠ Π΅Π»ΠΈΠ·
Red Hat Enterprise Linux 7thunderbirdAffected
Red Hat Enterprise Linux 5firefoxFixedRHSA-2014:191902.12.2014
Red Hat Enterprise Linux 5thunderbirdFixedRHSA-2014:192402.12.2014
Red Hat Enterprise Linux 6firefoxFixedRHSA-2014:191902.12.2014
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2014:192402.12.2014
Red Hat Enterprise Linux 7firefoxFixedRHSA-2014:191902.12.2014

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

Π”ΠΎΠΏΠΎΠ»Π½ΠΈΡ‚Π΅Π»ΡŒΠ½Π°Ρ информация

Бтатус:

Moderate
Π”Π΅Ρ„Π΅ΠΊΡ‚:
CWE-749
https://bugzilla.redhat.com/show_bug.cgi?id=1169210Mozilla: Bad casting from the BasicThebesLayer to BasicContainerLayer (MFSA 2014-89)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 82%
0.01693
Низкий

5.1 Medium

CVSS2

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-1594

ubuntu
ΠΏΠΎΡ‡Ρ‚ΠΈ 11 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-1594

nvd
ΠΏΠΎΡ‡Ρ‚ΠΈ 11 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-1594

debian
ΠΏΠΎΡ‡Ρ‚ΠΈ 11 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-5276-6fhc-x292

github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2014-1924

oracle-oval
ΠΏΠΎΡ‡Ρ‚ΠΈ 11 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ELSA-2014-1924: thunderbird security update (IMPORTANT)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 82%
0.01693
Низкий

5.1 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2014-1594