Lucene search

Tenable8290.PRM

HistoryJun 10, 2014 - 12:00 a.m.

Mozilla Firefox < 30.0 Multiple Vulnerabilities

2014-06-1000:00:00

Tenable

www.tenable.com

Versions of Mozilla Firefox earlier than 30.0 are unpatched against the following vulnerabilities :

Buffer overflows due to insufficient input validation in Gamepad API and Web Audio Speex resampler, which can be leveraged to execute arbitrary code or cause denial of service conditions (CVE-2014-1543, CVE-2014-1542)
Use-after-free errors in SMIL Animation Controller, Event Listener Manager, and various other locations, which may be triggered via web content to cause a potentially exploitable crash (CVE-2014-1540, CVE-2014-1539, CVE-2014-1538; on non-ESR Firefox only: CVE-2014-1536, CVE-2014-1537)
Clickjacking through cursor invisibility when the cursor leaves the embedded flash object (OS X platform only) (CVE-2014-1539)
Miscellaneous memory safety hazards (CVE-2014-1533, CVE-2014-1534)

Binary data 8290.prm

VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

Vendor	Product	Version	CPE
mozilla	firefox		cpe:/a:mozilla:firefox

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1539

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1540

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1542

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1543

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545

www.mozilla.org/security/announce/2014/mfsa2014-48.html

www.mozilla.org/security/announce/2014/mfsa2014-49.html

www.mozilla.org/security/announce/2014/mfsa2014-50.html

www.mozilla.org/security/announce/2014/mfsa2014-51.html

www.mozilla.org/security/announce/2014/mfsa2014-52.html

www.mozilla.org/security/announce/2014/mfsa2014-53.html

www.mozilla.org/security/announce/2014/mfsa2014-54.html

www.mozilla.org/security/announce/2014/mfsa2014-55.html

Related for 8290.PRM