525 matches found
CVE-2014-3174
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service read of...
UBUNTU-CVE-2014-3174
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service read of...
Stable Channel Update
The Chrome team is delighted to announce the promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including: - DirectWrite support on Windows for improved font rendering - A number of new apps/extension APIs -...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Aug 2014) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Mozilla Firefox Multiple Vulnerabilities-01 (Aug 2014) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Aug 2014) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Aug 2014) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2014:0939-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...
Mozilla Firefox < 31.0 Multiple Vulnerabilities
Binary data 8333.prm...
FreeBSD : mozilla -- multiple vulnerabilities (978b0f76-122d-11e4-afe3-bc5ff4fb5e7b)
The Mozilla Project reports : MFSA 2014-66 IFRAME sandbox same-origin access through redirect MFSA 2014-65 Certificate parsing broken by non-standard character encoding MFSA 2014-64 Crash in Skia library when scaling high quality images MFSA 2014-63 Use-after-free while when manipulating...
Mozilla Thunderbird < 31.0 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird installed on the remote host is a version prior to 31.0. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs which...
Firefox < 31.0 Multiple Vulnerabilities
The version of Firefox installed on the remote host is a version prior to 31.0. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs which may...
Mozilla Thunderbird < 31.0 Multiple Vulnerabilities
The version of Thunderbird installed on the remote host is a version prior to 31.0. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs which...
CVE-2014-1550
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by leveraging incorrect Web Audio control-message ordering...
Design/Logic Flaw
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by leveraging incorrect Web Audio control-message ordering...
CVE-2014-1549
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and...
CVE-2014-1550
CVE-2014-1550 is a use-after-free in Mozilla Firefox (before 31.0) and Thunderbird (before 31.0) affecting the MediaInputPort class. The underlying issue is a heap memory corruption caused by incorrect Web Audio control-message ordering, which could allow a remote attacker to execute arbitrary co...
Firefox 31 Patches 11 Security Flaws
Mozilla has released a new version of Firefox, which includes patches for 11 security vulnerabilities. Three of the bugs fixed in Firefox 31 are critical, including a use-after-free vulnerability and a handful of memory safety issues. There are actually several separate use-after-free...
USN-2296-1 thunderbird vulnerabilities
Christian Holler, David Keeler and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or...