FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 28.0,1
firefox-esr < 24.4.0,1
linux-firefox < 28.0,1
linux-seamonkey < 2.25
linux-thunderbird < 24.4.0
seamonkey < 2.25
thunderbird < 24.4.0

Details

VuXML ID 610de647-af8d-11e3-a25b-b4b52fce4ce8
Discovery 2014-03-19
Entry 2014-03-19
Modified 2014-03-20

The Mozilla Project reports:

MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)

MFSA 2014-16 Files extracted during updates are not always read only

MFSA 2014-17 Out of bounds read during WAV file decoding

MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key

MFSA 2014-19 Spoofing attack on WebRTC permission prompt

MFSA 2014-20 onbeforeunload and Javascript navigation DOS

MFSA 2014-21 Local file access via Open Link in new tab

MFSA 2014-22 WebGL content injection from one domain to rendering in another

MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore

MFSA 2014-24 Android Crash Reporter open to manipulation

MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape

MFSA 2014-26 Information disclosure through polygon rendering in MathML

MFSA 2014-27 Memory corruption in Cairo during PDF font rendering

MFSA 2014-28 SVG filters information disclosure through feDisplacementMap

MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs

MFSA 2014-30 Use-after-free in TypeObject

MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects

MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering

[source]

References

CVE Name CVE-2014-1493
CVE Name CVE-2014-1494
CVE Name CVE-2014-1496
CVE Name CVE-2014-1497
CVE Name CVE-2014-1498
CVE Name CVE-2014-1499
CVE Name CVE-2014-1500
CVE Name CVE-2014-1501
CVE Name CVE-2014-1502
CVE Name CVE-2014-1504
CVE Name CVE-2014-1505
CVE Name CVE-2014-1506
CVE Name CVE-2014-1507
CVE Name CVE-2014-1508
CVE Name CVE-2014-1509
CVE Name CVE-2014-1510
CVE Name CVE-2014-1511
CVE Name CVE-2014-1512
CVE Name CVE-2014-1513
CVE Name CVE-2014-1514
URL http://www.mozilla.org/security/known-vulnerabilities/
URL https://www.mozilla.org/security/announce/2014/mfsa2014-15.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-16.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-17.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-18.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-19.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-20.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-21.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-22.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-23.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-24.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-25.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-26.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-27.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-28.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-29.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-30.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-31.html
URL https://www.mozilla.org/security/announce/2014/mfsa2014-32.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.