Mozilla Firefox < 34.0 Multiple Vulnerabilities

Versions of Mozilla Firefox earlier than 34.0 are unpatched for the following vulnerabilities :

• Security Bypass that can be leveraged when processing specially crafted Chrome-based CSS stylesheets with improperly declared namespaces. (CVE-2014-1589)
• Information Disclosure due to the way Content Security Policy leaks data through violation reports. (CVE-2014-1591)
• Multiple Unspecified Memory Corruption Vulnerabilities. (CVE-2014-1587)(CVE-2014-1588)
• Multiple Local Information Disclosure Vulnerabilities requiring interactive access to exploit. (CVE-2014-1595)
• Security Vulnerability due to bad casting from ‘BasicThebesLayer’ to ‘BasicContainerLayer’. (CVE-2014-1594)
• Denial of Service Vulnerability can occur when passing a js object to ‘XMLHttpRequest’ that mimics an input stream. (CVE-2014-1590)
• Use After Free Memory Corruption Vulnerability when creating a second root element during the parsing of an HTML5 document which contains ‘document.open()’. (CVE-2014-1592)
• Buffer Overflow Vulnerability when handling specially crafted media content. (CVE-2014-1593)
• A flaw exists and is triggered as ‘XrayWrappers’ filter objects are not properly validated when stored in the program. This may allow a context-dependent attacker to bypass security protection mechanisms. (CVE-2014-8632)