High

DATE	CVE	VULNERABILITY TITLE	RISK
2014-02-06	CVE-2014-1481	Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. network low complexity mozilla fedoraproject opensuse suse redhat debian canonical	7.5
2014-02-06	CVE-2014-1479	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. network low complexity mozilla canonical debian redhat fedoraproject opensuse suse	7.5
2013-12-11	CVE-2013-5616	USE After Free vulnerability in multiple products Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. network low complexity mozilla fedoraproject suse opensuse redhat canonical CWE-416	7.5
2013-01-25	CVE-2012-5689	Improper Input Validation vulnerability in multiple products ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. network isc redhat canonical CWE-20	7.1