VDB
GCVE-110-MAGEIA-2014-6
GCVE-110-MAGEIA-2014-6
Advisory Published
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox or Thunderbird to
terminate unexpectedly or, potentially, execute arbitrary code with the
privileges of the user running Firefox or Thunderbird (CVE-2013-5609,
CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-5613).
It was found that a subordinate Certificate Authority (CA) mis-issued an
intermediate certificate, which could be used to conduct man-in-the-middle
attacks. This update renders that particular intermediate certificate as
untrusted (MFSA 2013-117).
The rootcerts and nss packages have been updated to fix the MFSA 2013-117
issue. The thunderbird-lightning package has been updated to a version
that is compatible with the updated thunderbird.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | rootcerts | 20131204.00-1.mga3 (unaffected), 0 (affected), 0 (affected), 20131204.00-1.mga3 (unaffected) | — |
| Mageia | firefox | 0 (affected), 24.2.0-1.mga3 (unaffected), 0 (affected), 24.2.0-1.mga3 (unaffected) | — |
| Mageia | thunderbird-lightning | 2.6.4-1.mga3 (unaffected), 0 (affected), 0 (affected), 2.6.4-1.mga3 (unaffected) | — |
| Mageia | thunderbird-l10n | 0 (affected), 24.2.0-1.mga3 (unaffected), 0 (affected), 24.2.0-1.mga3 (unaffected) | — |
| Mageia | thunderbird | 0 (affected), 24.2.0-1.mga3 (unaffected), 0 (affected), 24.2.0-1.mga3 (unaffected) | — |
| Mageia | nss | 0 (affected), 3.15.3.1-1.mga3 (unaffected), 0 (affected), 3.15.3.1-1.mga3 (unaffected) | — |
| Mageia | perl-CGI-SpeedyCGI | 0 (affected), 2.220.0-7.1.mga3 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 24.2.0-1.mga3 (unaffected), 0 (affected), 24.2.0-1.mga3 (unaffected) | — |
References
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.