mozilla -- multiple vulnerabilities

ID 7AE61870-9DD2-4884-A2F2-F19BB5784D09
Type freebsd
Reporter FreeBSD
Modified 2014-12-01T00:00:00


The Mozilla Project reports:

ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer MFSA-2014-88 Buffer overflow while parsing media content MFSA-2014-87 Use-after-free during HTML5 parsing MFSA-2014-86 CSP leaks redirect data via violation reports MFSA-2014-85 XMLHttpRequest crashes with some input streams MFSA-2014-84 XBL bindings accessible via improper CSS declarations MFSA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)