CVE-2014-1551

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...

CVE-2014-1551

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...

CVE-2014-1551

CVE-2014-1551 is a concrete use-after-free vulnerability in Mozilla Firefox’s FontTableRec destructor that can be triggered by crafted fonts in MathML content. Root cause: improper handling of a DirectWrite font-face object, allowing remote attackers to execute arbitrary code. Affected products/v...

Use-after-free in DirectWrite font handling — Mozilla

Mozilla community member James Kitchener reported a crash in DirectWrite when rendering MathML content with specific fonts due to an error in how font resources and tables are handled. This leads to use-after-free of a DirectWrite font-face object, resulting in a potentially exploitable crash...

PT-2014-1464 · Mozilla +1 · Firefox Esr +3

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 31.0 Firefox ESR versions prior to 24.7 Thunderbird versions prior to 24.7 Description: The issue is related to a use-after-free vulnerability in the FontTableRec destructor, allowing remote attackers to...

openSUSE Security Update : libreoffice (openSUSE-SU-2012:1686-1)

LibreOffice was updated to 3.5.4.13 3.5.6rc2 based, fixing a security issue and lots of bugs : - NULL pointer dereference bnc778669, CVE-2012-4233 - bullet-color-pptx-import.diff: bullets should have same color as following text by default; missing part of the fix bnc734733 - update to...

MozillaThunderbird,seamonkey (important)

Mozilla Thunderbird was updated to 24.4.0. Mozilla SeaMonkey was updated to 2.25. MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-1497 bmo966311 Out of bounds read during WAV file decoding MFSA 2014-18/CVE-2014-1498 bmo935618...

Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

CVE-2014-1508

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

CVE-2014-1508

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

CVE-2014-1508

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

CVE-2014-1508

CVE-2014-1508 affects Mozilla Firefox family components (libxul) where libxul.so!gfxContext::Polygon can leak memory, cause out-of-bounds reads, or crash, with potential Same Origin Policy bypass via MathML polygon rendering. Affected: Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbir...

Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

KLA10120 Multiple vulnerabilities in Mozilla

Multiple critical vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1...

Information disclosure through polygon rendering in MathML — Mozilla

Security researcher Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover an out-of-bounds read during polygon rendering in MathML. This can allow web content to potentially read protected memory...

CVE-2013-2268

Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."...

UBUNTU-CVE-2013-2268

Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."...

Design/Logic Flaw

Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."...

CVE-2013-2268

Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."...

CVE-2013-2268

CVE-2013-2268 describes an unspecified vulnerability in the MathML implementation of WebKit used by Google Chrome. The affected product is Chrome on Windows and Linux up to version 25.0.1364.97, and on macOS up to 25.0.1364.99, with an unknown impact and remote attack vectors. The NVD entry lists...