User: Password:
Subscribe / Log in / New account

mozilla: multiple vulnerabilities

Package(s):firefox, thunderbird, seamonkey CVE #(s):CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487
Created:February 5, 2014 Updated:February 24, 2014
Description: From the Red Hat advisory:

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)

A flaw was found in the way Firefox handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting (XSS) attacks, or could potentially be used to gather authentication tokens and other data from third-party websites. (CVE-2014-1487)

A flaw was found in the implementation of System Only Wrappers (SOW). An attacker could use this flaw to crash Firefox. When combined with other vulnerabilities, this flaw could have additional security implications. (CVE-2014-1479)

It was found that the Firefox JavaScript engine incorrectly handled window objects. A remote attacker could use this flaw to bypass certain security checks and possibly execute arbitrary code. (CVE-2014-1481)

Gentoo 201504-01 firefox 2015-04-07
openSUSE openSUSE-SU-2014:1100-1 Firefox 2014-09-09
openSUSE openSUSE-SU-2014:0419-1 Mozilla 2014-03-21
Fedora FEDORA-2014-2324 seamonkey 2014-02-22
Fedora FEDORA-2014-2291 seamonkey 2014-02-22
Ubuntu USN-2102-2 firefox 2014-02-19
Ubuntu USN-2119-1 thunderbird 2014-02-19
SUSE SUSE-SU-2014:0248-2 firefox 2014-02-19
SUSE SUSE-SU-2014:0248-1 firefox 2014-02-18
CentOS CESA-2014:0132 firefox 2014-02-05
Fedora FEDORA-2014-2051 firefox 2014-02-12
Ubuntu USN-2102-1 firefox 2014-02-10
Mageia MGASA-2014-0048 seamonkey 2014-02-10
Slackware SSA:2014-039-02 thunderbird 2014-02-08
Debian DSA-2858-1 iceweasel 2014-02-10
Oracle ELSA-2014-0132 firefox 2014-02-05
Fedora FEDORA-2014-2040 xulrunner 2014-02-06
Oracle ELSA-2014-0132 firefox 2014-02-04
CentOS CESA-2014:0132 firefox 2014-02-05
Slackware SSA:2014-039-01 firefox 2014-02-08
openSUSE openSUSE-SU-2014:0212-1 firefox 2014-02-08
Mageia MGASA-2014-0036 mozilla 2014-02-06
Scientific Linux SLSA-2014:0133-1 thunderbird 2014-02-05
Scientific Linux SLSA-2014:0132-1 firefox 2014-02-05
CentOS CESA-2014:0133 thunderbird 2014-02-05
CentOS CESA-2014:0133 thunderbird 2014-02-05
Red Hat RHSA-2014:0133-01 thunderbird 2014-02-04
Red Hat RHSA-2014:0132-01 firefox 2014-02-04
Fedora FEDORA-2014-2051 xulrunner 2014-02-12
Slackware SSA:2014-039-03 seamonkey 2014-02-08
openSUSE openSUSE-SU-2014:0213-1 Mozilla 2014-02-08
Fedora FEDORA-2014-2041 thunderbird 2014-02-07
Fedora FEDORA-2014-2040 firefox 2014-02-06
Oracle ELSA-2014-0133 thunderbird 2014-02-04

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds