Lucene search
Mozilla FoundationMFSA2014-69HistorySep 02, 2014 - 12:00 a.m.
Uninitialized memory use during GIF rendering — Mozilla
2014-09-0200:00:00
Mozilla Foundation
www.mozilla.org
29
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.6%
Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this unitialized memory using the feature.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 32 | |
| firefox esr | lt | 31.1 | |
| seamonkey | lt | 2.29 | |
| thunderbird | lt | 31.1 |
Related
ubuntucve
ubuntucve
CVE-2014-1564
2014-09-02 00:00:00
prion
prion
Information disclosure
2014-09-03 10:55:00
packetstorm
packetstorm
Mozilla Firefox Secret Leak
2014-09-03 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-69) - Linux
2021-11-11 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
securityvulns
securityvulns
Uninit memory disclosure via truncated images in Firefox
2014-09-15 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-09-15 00:00:00
cvelist
cvelist
CVE-2014-1564
2014-09-03 10:00:00
cve
cve
CVE-2014-1564
2014-09-03 10:55:00
fireeye
fireeye
Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory
2021-03-03 00:00:00
suse
suse
MozillaThunderbird: Update to 31.1 release (important)
2014-09-09 12:07:15
Firefox update to latest 31ESR release (important)
2015-01-25 16:04:59
Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)
2015-07-18 19:07:56
nessus
nessus
Firefox ESR 31.x < 31.1 Multiple Vulnerabilities
2014-09-03 00:00:00
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2330-1)
2014-09-12 00:00:00
Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X)
2014-09-03 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-09-11 00:00:00
Firefox vulnerabilities
2014-09-02 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2014-10-23 17:27:57
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.6%
Related for MFSA2014-69