Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2014:0638-2
HistoryMay 16, 2014 - 2:04 a.m.

Security update for Mozilla Firefox (important)

2014-05-1602:04:19
lists.opensuse.org
25

EPSS

0.021

Percentile

89.2%

JSON

This MozillaFirefox and mozilla-nss update fixes several security and
non-security issues.

MozillaFirefox has been updated to version 24.5.0esr which fixes the
following issues:

  • MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards
  • MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG
    images
  • MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object
    as XBL
  • MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web
    Notification API
  • MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history
    navigations
  • MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while
    resizing images
  • MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver

Mozilla NSS has been updated to version 3.16

  • required for Firefox 29
  • CVE-2014-1492_ In a wildcard certificate, the wildcard character
    should not be embedded within the U-label of an internationalized
    domain name. See the last bullet point in RFC 6125, Section 7.2.
  • Update of root certificates.
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server LTSS11.2i586mozilla-nss< 3.16-0.3.1mozilla-nss-3.16-0.3.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.2x86_64mozilla-nss< 3.16-0.3.1mozilla-nss-3.16-0.3.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS11.2i586mozillafirefox< 24.5.0esr-0.3.1MozillaFirefox-24.5.0esr-0.3.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.2s390xmozillafirefox< 24.5.0esr-0.3.1MozillaFirefox-24.5.0esr-0.3.1.s390x.rpm
SUSE Linux Enterprise Server LTSS11.2i586mozillafirefox-branding-sled< 24-0.4.10.14MozillaFirefox-branding-SLED-24-0.4.10.14.i586.rpm
SUSE Linux Enterprise Server LTSS11.2s390xmozilla-nss-devel< 3.16-0.3.1mozilla-nss-devel-3.16-0.3.1.s390x.rpm
SUSE Linux Enterprise Server LTSS11.2s390xmozilla-nspr-devel< 4.10.4-0.3.1mozilla-nspr-devel-4.10.4-0.3.1.s390x.rpm
SUSE Linux Enterprise Server LTSS11.2i586mozilla-nss-tools< 3.16-0.3.1mozilla-nss-tools-3.16-0.3.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.2i586libfreebl3< 3.16-0.3.1libfreebl3-3.16-0.3.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.2s390xmozilla-nss-32bit< 3.16-0.3.1mozilla-nss-32bit-3.16-0.3.1.s390x.rpm
Rows per page:
1-10 of 331

Related

suse 4
openvas 59
nessus 43
osv 2
centos 3
oraclelinux 3
debian 2
redhat 3
veracode 8
ubuntu 3
mageia 2
ibm 2
freebsd 1
securityvulns 2
zdt 1
packetstorm 1
nvd 9
cve 9
cvelist 9
mozilla 9
ubuntucve 9
prion 9
slackware 1
seebug 1
debiancve 1
amazon 3
suse
suse
Security update for Mozilla Firefox (important)
2014-05-14 01:04:17
Security update for Mozilla Firefox (important)
2014-05-16 02:05:07
Security update for Mozilla Firefox (important)
2014-05-28 22:05:08
openvas
openvas
SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0638-2)
2015-10-16 00:00:00
SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0638-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0638-2)
2021-06-09 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 9185)
2014-05-14 00:00:00
SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2014:0665-1)
2015-05-20 00:00:00
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2014:0727-1)
2015-05-20 00:00:00
osv
osv
icedove - security update
2014-05-05 00:00:00
iceweasel - security update
2014-04-30 00:00:00
centos
centos
firefox security update
2014-04-30 12:17:25
thunderbird security update
2014-04-30 12:17:04
nss security update
2014-08-18 21:47:41
oraclelinux
oraclelinux
firefox security update
2014-04-30 00:00:00
thunderbird security update
2014-04-30 00:00:00
nss, nss-util, nss-softokn security, bug fix, and enhancement update
2014-08-18 00:00:00
debian
debian
[SECURITY] [DSA 2924-1] icedove security update
2014-05-05 15:31:23
[SECURITY] [DSA 2918-1] iceweasel security update
2014-04-30 13:54:12
redhat
redhat
(RHSA-2014:0448) Critical: firefox security update
2014-04-29 00:00:00
(RHSA-2014:0449) Important: thunderbird security update
2014-04-29 00:00:00
(RHSA-2014:1073) Low: nss, nss-util, nss-softokn security, bug fix, and enhancement update
2014-08-18 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:57:48
Out-Of-Bounds Read
2019-05-02 04:57:48
Cross-Site Scripting (XSS)
2019-05-02 04:57:49
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-04-30 00:00:00
Firefox vulnerabilities
2014-04-29 00:00:00
NSS vulnerability
2014-04-02 00:00:00
mageia
mageia
Updated firefox & thunderbird packages fix multiple vulnerabilities
2014-05-02 22:03:24
Updated iceape packages fix multiple vulnerabilities
2014-06-11 20:56:59
ibm
ibm
Security Bulletin: IBM Storwize V7000 Unified security vulnerabilities related to Mozilla Firefox (CVE-2014-1518, CVE-2014-1523, CVE-2014-1524, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)
2018-06-18 00:08:28
Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2014-1518, CVE-2014-1523, CVE-2014-1524, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)
2018-06-18 00:08:33
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-04-29 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-05-01 00:00:00
[ MDVSA-2014:066 ] nss
2014-03-24 00:00:00
zdt
zdt
Mozilla Arbitrary Code Execution / Privilege Escalation Vulnerability
2021-03-09 00:00:00
packetstorm
packetstorm
Mozilla Firefox DLL Hijacking
2016-06-15 00:00:00
nvd
nvd
CVE-2014-1520
2014-04-30 10:49:04
CVE-2014-1524
2014-04-30 10:49:04
CVE-2014-1518
2014-04-30 10:49:04
cve
cve
CVE-2014-1520
2014-04-30 10:49:04
CVE-2014-1524
2014-04-30 10:49:04
CVE-2014-1532
2014-04-30 10:49:05
cvelist
cvelist
CVE-2014-1520
2014-04-30 10:00:00
CVE-2014-1523
2014-04-30 10:00:00
CVE-2014-1524
2014-04-30 10:00:00
mozilla
mozilla
Buffer overflow when using non-XBL object as XBL — Mozilla
2014-04-29 00:00:00
Privilege escalation through Mozilla Maintenance Service Installer — Mozilla
2014-04-29 00:00:00
Cross-site scripting (XSS) using history navigations — Mozilla
2014-04-29 00:00:00
ubuntucve
ubuntucve
CVE-2014-1524
2014-04-29 00:00:00
CVE-2014-1520
2014-04-30 00:00:00
CVE-2014-1518
2014-04-29 00:00:00
prion
prion
Buffer overflow
2014-04-30 10:49:00
Directory traversal
2014-04-30 10:49:00
Memory corruption
2014-04-30 10:49:00
slackware
slackware
[slackware-security] mozilla-nss
2014-03-28 22:54:39
seebug
seebug
Mozilla Network Security Services 'p12creat.c'内存破坏漏洞
2014-03-25 00:00:00
debiancve
debiancve
CVE-2014-1492
2014-03-25 13:25:38
amazon
amazon
Medium: ruby22
2015-05-27 14:06:00
Medium: ruby19
2015-05-27 14:05:00
Medium: ruby20
2015-05-27 14:05:00

EPSS

0.021

Percentile

89.2%

JSON
Related for SUSE-SU-2014:0638-2
suse4openvas59nessus43osv2centos3oraclelinux3debian2redhat3veracode8ubuntu3mageia2ibm2freebsd1securityvulns2zdt1packetstorm1nvd9cve9cvelist9mozilla9ubuntucve9prion9slackware1seebug1debiancve1amazon3