Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2014-04-30	CVE-2014-1523	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. network low complexity mozilla fedoraproject debian canonical redhat opensuse suse CWE-787	6.5
2014-03-19	CVE-2014-1496	Improper Privilege Management vulnerability in multiple products Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. local low complexity mozilla suse CWE-269	5.5
2013-12-11	CVE-2013-6673	Cryptographic Issues vulnerability in multiple products Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. network high complexity fedoraproject mozilla suse opensuse canonical CWE-310	5.9