Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
www.debian.org/security/2014/dsa-3090
www.debian.org/security/2014/dsa-3092
www.mozilla.org/security/announce/2014/mfsa2014-88.html
www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
www.securityfocus.com/bid/71395
bugzilla.mozilla.org/show_bug.cgi?id=1085175
security.gentoo.org/glsa/201504-01