Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2015:0077-2
HistoryJan 19, 2015 - 3:04 p.m.

Security update for MozillaFirefox (important)

2015-01-1915:04:39
lists.opensuse.org
16

0.942 High

EPSS

Percentile

99.0%

JSON

MozillaFirefox was updated to version 35.0 (bnc#910669)

Notable features:

  • Firefox Hello with new rooms-based conversations model
  • Implemented HTTP Public Key Pinning Extension (for enhanced
    authentication of encrypted connections)

Security fixes:

  • MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety
    hazards
  • MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during
    bitmap rendering
  • MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an
    Origin header
  • MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy
    Authenticate responses
  • MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in
    Web Audio
  • MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC
  • MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media
    Plugin sandbox escape
  • MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder
    certificates failure with id-pkix-ocsp-nocheck extension
  • MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM
    objects
  • obsolete tracker-miner-firefox < 0.15 because it leads to startup
    crashes (bnc#908892)
OSVersionArchitecturePackageVersionFilename
openSUSE13.2i586mozillafirefox< 35.0-9.1MozillaFirefox-35.0-9.1.i586.rpm
openSUSE13.2i586mozillafirefox-translations-other< 35.0-9.1MozillaFirefox-translations-other-35.0-9.1.i586.rpm
openSUSE13.2i586mozillafirefox-debuginfo< 35.0-9.1MozillaFirefox-debuginfo-35.0-9.1.i586.rpm
openSUSE13.2x86_64mozillafirefox-translations-other< 35.0-9.1MozillaFirefox-translations-other-35.0-9.1.x86_64.rpm
openSUSE13.2x86_64mozillafirefox-debuginfo< 35.0-9.1MozillaFirefox-debuginfo-35.0-9.1.x86_64.rpm
openSUSE13.2x86_64mozillafirefox-devel< 35.0-9.1MozillaFirefox-devel-35.0-9.1.x86_64.rpm
openSUSE13.2i586mozillafirefox-devel< 35.0-9.1MozillaFirefox-devel-35.0-9.1.i586.rpm
openSUSE13.2x86_64mozillafirefox-translations-common< 35.0-9.1MozillaFirefox-translations-common-35.0-9.1.x86_64.rpm
openSUSE13.2i586mozillafirefox-buildsymbols< 35.0-9.1MozillaFirefox-buildsymbols-35.0-9.1.i586.rpm
openSUSE13.2x86_64mozillafirefox< 35.0-9.1MozillaFirefox-35.0-9.1.x86_64.rpm
Rows per page:
1-10 of 161

Related

nessus 35
securityvulns 1
suse 7
openvas 34
ubuntu 4
freebsd 1
archlinux 2
mageia 3
debian 2
oraclelinux 2
redhat 2
osv 2
centos 2
mozilla 9
prion 11
ubuntucve 11
cve 11
packetstorm 1
checkpoint_advisories 2
metasploit 1
veracode 4
zdt 1
kaspersky 2
exploitdb 1
ibm 1
googleprojectzero 1
gentoo 1
nessus
nessus
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2015:0077-2)
2015-01-20 00:00:00
Firefox < 35 Multiple Vulnerabilities
2015-01-14 00:00:00
openSUSE Security Update : seamonkey (openSUSE-SU-2015:0192-1)
2015-02-03 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-01-19 00:00:00
suse
suse
Security update for seamonkey (important)
2015-02-02 12:05:27
Security update for MozillaFirefox (important)
2015-01-19 14:04:43
Security update for Mozilla Firefox (important)
2015-01-31 01:09:23
openvas
openvas
openSUSE: Security Advisory for seamonkey (openSUSE-SU-2015:0192-1)
2015-02-03 00:00:00
Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Mac OS X)
2015-01-20 00:00:00
Ubuntu Update for firefox USN-2458-1
2015-01-23 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2015-01-14 00:00:00
Firefox regression
2015-01-27 00:00:00
Ubufox update
2015-01-14 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-01-13 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-01-14 00:00:00
thunderbird: multiple issues
2015-01-14 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2015-01-19 19:47:36
Updated firefox and thunderbird packages fixes security vulnerabilities
2015-01-18 01:31:08
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
debian
debian
[SECURITY] [DSA 3127-1] iceweasel security update
2015-01-14 19:02:00
[SECURITY] [DSA 3132-1] icedove security update
2015-01-19 16:58:23
oraclelinux
oraclelinux
firefox security and bug fix update
2015-01-14 00:00:00
thunderbird security update
2015-01-13 00:00:00
redhat
redhat
(RHSA-2015:0046) Critical: firefox security and bug fix update
2015-01-13 00:00:00
(RHSA-2015:0047) Important: thunderbird security update
2015-01-13 00:00:00
osv
osv
iceweasel - security update
2015-01-14 00:00:00
icedove - security update
2015-01-19 00:00:00
centos
centos
firefox, xulrunner security update
2015-01-14 16:08:25
thunderbird security update
2015-01-14 15:52:57
mozilla
mozilla
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) — Mozilla
2015-01-13 00:00:00
Uninitialized memory use during bitmap rendering — Mozilla
2015-01-13 00:00:00
Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension — Mozilla
2015-01-13 00:00:00
prion
prion
Information disclosure
2015-01-14 11:59:00
Design/Logic Flaw
2015-01-14 11:59:00
Design/Logic Flaw
2015-01-14 11:59:00
ubuntucve
ubuntucve
CVE-2014-8637
2015-01-14 00:00:00
CVE-2014-8642
2015-01-14 00:00:00
CVE-2014-8636
2015-01-14 00:00:00
cve
cve
CVE-2014-8637
2015-01-14 11:59:00
CVE-2014-8642
2015-01-14 11:59:00
CVE-2014-8640
2015-01-14 11:59:00
packetstorm
packetstorm
Firefox Proxy Prototype Privileged Javascript Injection
2015-03-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox XrayWrapper Policy Bypass (CVE-2014-8636)
2015-04-19 00:00:00
Mozilla Firefox Proxy Prototype Remote Code Execution (CVE-2014-8636)
2015-03-26 00:00:00
metasploit
metasploit
Firefox Proxy Prototype Privileged Javascript Injection
2015-03-23 18:44:41
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:04:03
Arbitrary Code Execution
2019-05-02 05:07:08
Cross-site Request Forgery (CSRF)
2019-05-02 05:07:07
zdt
zdt
Firefox Proxy Prototype Privileged Javascript Injection Exploit
2015-03-27 00:00:00
kaspersky
kaspersky
KLA10445 ACE vulnerability in Mozilla
2015-01-13 00:00:00
KLA10446 CI vulnerability in Mozilla products
2015-01-13 00:00:00
exploitdb
exploitdb
Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)
2015-03-24 00:00:00
ibm
ibm
Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS (CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1587, CVE-2014-1588, and 11 more)
2018-06-18 00:09:21
googleprojectzero
googleprojectzero
Attacking ECMAScript Engines with Redefinition
2015-08-17 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00

0.942 High

EPSS

Percentile

99.0%

JSON
Related for OPENSUSE-SU-2015:0077-2
nessus35securityvulns1suse7openvas34ubuntu4freebsd1archlinux2mageia3debian2oraclelinux2redhat2osv2centos2mozilla9prion11ubuntucve11cve11packetstorm1checkpoint_advisories2metasploit1veracode4zdt1kaspersky2exploitdb1ibm1googleprojectzero1gentoo1