ID USN-2189-1 Type ubuntu Reporter Ubuntu Modified 2014-04-30T00:00:00
Description
Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1518)
Abhishek Arya discovered an out of bounds read when decoding JPG images. An attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1523)
Abhishek Arya discovered a buffer overflow when a script uses a non-XBL object as an XBL object. If a user had enabled scripting, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1524)
Mariusz Mlynski discovered that sites with notification permissions can run script in a privileged context in some circumstances. If a user had enabled scripting, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1529)
It was discovered that browser history navigations could be used to load a site with the address bar displaying the wrong address. If a user had enabled scripting, an attacker could potentially exploit this to conduct cross-site scripting or phishing attacks. (CVE-2014-1530)
A use-after-free was discovered when resizing images in some circumstances. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1531)
Tyson Smith and Jesse Schwartzentruber discovered a use-after-free during host resolution in some circumstances. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1532)
CVSS 10.0 (AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/)
Advisory: https://usn.ubuntu.com/2189-1/
Affected packages (installed versions lower than the listed one are vulnerable)
Ubuntu 12.04: thunderbird 1:24.5.0+build1-0ubuntu0.12.04.1
Ubuntu 12.10: thunderbird 1:24.5.0+build1-0ubuntu0.12.10.1
Ubuntu 13.10: thunderbird 1:24.5.0+build1-0ubuntu0.13.10.1
Ubuntu 14.04: thunderbird 1:24.5.0+build1-0ubuntu0.14.04.1
References
https://launchpad.net/bugs/1313886
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1518
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1523
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1524
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1529
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1530
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1531
https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1532
"AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881929", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2018-04-09T11:12:13"}, {"id": "OPENVAS:1361412562310702924", "type": "openvas", "title": "Debian Security Advisory DSA 2924-1 (icedove - security update)", "description": "Multiple security issues have been found in Icedove, Debian's version\nof the Mozilla Thunderbird mail and news client: multiple memory safety\nerrors, buffer overflows, missing permission checks, out of bound reads,\nuse-after-frees and other implementation errors may lead to the\nexecution of arbitrary code, privilege escalation, cross-site scripting\nor denial of service.", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702924", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2018-04-06T11:11:24"}, {"id": "OPENVAS:1361412562310123418", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0448", "description": "Oracle Linux Local Security Checks ELSA-2014-0448", "published": "2015-10-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123418", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-07-24T12:52:20"}, {"id": "OPENVAS:1361412562310881930", "type": "openvas", "title": "CentOS Update for firefox CESA-2014:0448 centos5 ", "description": "Check for the Version of firefox", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881930", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2018-04-09T11:14:03"}, {"id": "OPENVAS:841803", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-2189-1", "description": "Check for the Version of thunderbird", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841803", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-12-04T11:17:16"}, {"id": "OPENVAS:881928", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2014:0449 centos5 ", "description": "Check for the Version of thunderbird", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881928", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-07-25T10:48:53"}, {"id": "OPENVAS:1361412562310804564", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities-01 May14 (Windows)", "description": "This host is installed with Mozilla Firefox ESR and is prone to multiple\nvulnerabilities.", "published": "2014-05-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804564", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1520", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-08-01T10:48:28"}, {"id": 
"OPENVAS:1361412562310871163", "type": "openvas", "title": "RedHat Update for firefox RHSA-2014:0448-01", "description": "Check for the Version of firefox", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871163", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2018-04-09T11:11:20"}], "nessus": [{"id": "FEDORA_2014-5833.NASL", "type": "nessus", "title": "Fedora 20 : firefox-29.0-5.fc20 / thunderbird-24.5.0-1.fc20 / xulrunner-29.0-1.fc20 (2014-5833)", "description": "Update to latest upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-05-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73819", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1520", "CVE-2014-1524", "CVE-2014-1519", "CVE-2014-1518"], "lastseen": "2017-10-29T13:43:44"}, {"id": "SL_20140429_THUNDERBIRD_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. 
An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523)\n\nA flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross- site scripting (XSS) attacks. (CVE-2014-1530)\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "published": "2014-05-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73798", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-29T13:34:47"}, {"id": "MOZILLA_THUNDERBIRD_24_5.NASL", "type": "nessus", "title": "Mozilla Thunderbird < 24.5 Multiple Vulnerabilities", "description": "The installed version of Thunderbird is a version prior to 24.5 and is, therefore, potentially affected by the following vulnerabilities:\n\n - Memory issues exist that could lead to arbitrary code execution. (CVE-2014-1518, CVE-2014-1519)\n\n - An out-of-bounds read issue exists when decoding certain JPG images that could lead to a denial of service. 
(CVE-2014-1523)\n\n - A memory corruption issue exists due to improper validation of XBL objects that could lead to arbitrary code execution. (CVE-2014-1524)\n\n - A security bypass issue exists in the Web Notification API that could lead to arbitrary code execution.\n (CVE-2014-1529)\n\n - A cross-site scripting issue exists that could allow an attacker to load another website other than the URL for the website that is shown in the address bar.\n (CVE-2014-1530)\n\n - A use-after-free issue exists due to an 'imgLoader' object being freed when being resized. This issue could lead to arbitrary code execution. (CVE-2014-1531)\n\n - A use-after-free issue exists during host resolution that could lead to arbitrary code execution.\n (CVE-2014-1532)", "published": "2014-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73770", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1519", "CVE-2014-1518"], "lastseen": "2017-12-28T23:04:21"}, {"id": "SUSE_SU-2014-0665-1.NASL", "type": "nessus", "title": "SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2014:0665-1)", "description": "This Mozilla Firefox and Mozilla NSS update fixes several security and non-security issues.\n\nMozilla Firefox has been updated to 24.5.0esr which fixes the following issues :\n\n - MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards\n\n - MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images\n\n - MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL\n\n - MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API\n\n - MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations\n\n - MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images\n\n - MFSA 2014-46/CVE-2014-1532 
Use-after-free in nsHostResolver\n\nMozilla NSS has been updated to 3.16\n\n - required for Firefox 29\n\n - CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2.\n\n - Update of root certificates.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83621", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1492", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-29T13:41:44"}, {"id": "MACOSX_FIREFOX_24_5_ESR.NASL", "type": "nessus", "title": "Firefox ESR 24.x < 24.5 Multiple Vulnerabilities (Mac OS X)", "description": "The installed version of Firefox ESR 24.x is prior to 24.5 and is, therefore, potentially affected by the following vulnerabilities :\n\n - Memory issues exist that could lead to arbitrary code execution. (CVE-2014-1518, CVE-2014-1519)\n\n - An out-of-bounds read issue exists when decoding certain JPG images that could lead to a denial of service. (CVE-2014-1523)\n\n - A memory corruption issue exists due to improper validation of XBL objects that could lead to arbitrary code execution. 
(CVE-2014-1524)\n\n - A security bypass issue exists in the Web Notification API that could lead to arbitrary code execution.\n (CVE-2014-1529)\n\n - A cross-site scripting issue exists that could allow an attacker to load another website other than the URL for the website that is shown in the address bar.\n (CVE-2014-1530)\n\n - A use-after-free issue exists due to an 'imgLoader' object being freed when being resized. This issue could lead to arbitrary code execution. (CVE-2014-1531)\n\n - A use-after-free issue exists during host resolution that could lead to arbitrary code execution.\n (CVE-2014-1532)", "published": "2014-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73765", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1519", "CVE-2014-1518"], "lastseen": "2017-12-28T23:03:42"}, {"id": "DEBIAN_DSA-2918.NASL", "type": "nessus", "title": "Debian DSA-2918-1 : iceweasel - security update", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.", "published": "2014-05-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73844", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-12-28T23:04:26"}, {"id": "REDHAT-RHSA-2014-0449.NASL", "type": "nessus", "title": "RHEL 5 / 6 : thunderbird (RHSA-2014:0449)", "description": "An 
updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523)\n\nA flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. 
Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "published": "2014-04-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73782", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-12-28T23:01:21"}, {"id": "SUSE_SU-2014-0727-1.NASL", "type": "nessus", "title": "SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2014:0727-1)", "description": "This Mozilla Firefox update provides several security and non-security fixes.\n\nMozilla Firefox has been updated to 24.5.0esr, which fixes the following issues :\n\n - MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards\n\n - MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images\n\n - MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL\n\n - MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API\n\n - MFSA 
2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations\n\n - MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images\n\n - MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver\n\nMozilla NSS has been updated to 3.16\n\n - required for Firefox 29\n\n - CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2.\n\n - Update of root certificates.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83624", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1492", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-29T13:37:57"}, {"id": "CENTOS_RHSA-2014-0449.NASL", "type": "nessus", "title": "CentOS 5 / 6 : thunderbird (CESA-2014:0449)", "description": "An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. 
(CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523)\n\nA flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. 
You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "published": "2014-05-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73791", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-12-28T22:59:25"}, {"id": "DEBIAN_DSA-2924.NASL", "type": "nessus", "title": "Debian DSA-2924-1 : icedove - security update", "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.", "published": "2014-05-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73869", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-29T13:40:02"}], "redhat": [{"id": "RHSA-2014:0448", "type": "redhat", "title": "(RHSA-2014:0448) Critical: firefox security update", "description": "Mozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. 
(CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Firefox resolved hosts in\ncertain circumstances. An attacker could use this flaw to crash Firefox or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Firefox decoded JPEG\nimages. Loading a web page containing a specially crafted JPEG image could\ncause Firefox to crash. (CVE-2014-1523)\n\nA flaw was found in the way Firefox handled browser navigations through\nhistory. An attacker could possibly use this flaw to cause the address bar\nof the browser to display a web page name while loading content from an\nentirely different web page, which could allow for cross-site scripting\n(XSS) attacks. (CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary\nKwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler,\nAbhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse\nSchwartzentrube as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to this updated package, which contains\nFirefox version 24.5.0 ESR, which corrects these issues. 
After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "published": "2014-04-29T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2014:0448", "cvelist": ["CVE-2014-1518", "CVE-2014-1523", "CVE-2014-1524", "CVE-2014-1529", "CVE-2014-1530", "CVE-2014-1531", "CVE-2014-1532"], "lastseen": "2017-09-09T07:19:47"}, {"id": "RHSA-2014:0449", "type": "redhat", "title": "(RHSA-2014:0449) Important: thunderbird security update", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Thunderbird resolved hosts in\ncertain circumstances. An attacker could use this flaw to crash Thunderbird\nor, potentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Thunderbird decoded JPEG\nimages. Loading an email or a web page containing a specially crafted JPEG\nimage could cause Thunderbird to crash. (CVE-2014-1523)\n\nA flaw was found in the way Thunderbird handled browser navigations through\nhistory. An attacker could possibly use this flaw to cause the address bar\nof the browser to display a web page name while loading content from an\nentirely different web page, which could allow for cross-site scripting\n(XSS) attacks. 
(CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary\nKwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler,\nAbhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse\nSchwartzentrube as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.5.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.5.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n", "published": "2014-04-29T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2014:0449", "cvelist": ["CVE-2014-1518", "CVE-2014-1523", "CVE-2014-1524", "CVE-2014-1529", "CVE-2014-1530", "CVE-2014-1531", "CVE-2014-1532"], "lastseen": "2017-09-09T07:19:57"}], "debian": [{"id": "DSA-2918", "type": "debian", "title": "iceweasel -- security update", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 
24.5.0esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 24.5.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.", "published": "2014-04-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2918", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2016-09-02T18:24:40"}, {"id": "DSA-2924", "type": "debian", "title": "icedove -- security update", "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 24.5.0-1~deb7u1.\n\nFor the testing distribution (jessie), these problems have been fixed in version 24.5.0-1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 24.5.0-1.\n\nWe recommend that you upgrade your icedove packages.", "published": "2014-05-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2924", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-11-11T03:14:04"}], "oraclelinux": [{"id": "ELSA-2014-0449", "type": "oraclelinux", "title": "thunderbird security update", "description": "[24.5.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[24.5.0-1]\n- Update to 24.5.0", "published": "2014-04-30T00:00:00", "cvss": 
{"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-0449.html", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2016-09-04T11:16:38"}, {"id": "ELSA-2014-0448", "type": "oraclelinux", "title": "firefox security update", "description": "[24.5.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one\n- Build with nspr-devel >= 4.10.0 to fix build failure\n[24.5.0-1]\n- Update to 24.5.0 ESR\n[24.4.0-3]\n- Added a workaround for Bug 1054242 - RHEVM: Extremely high memory\n usage in Firefox 24 ESR on RHEL 6.5\n[24.4.0-2]\n- fixed rhbz#1067343 - Broken languagepack configuration\n after firefox update", "published": "2014-04-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-0448.html", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2016-09-04T11:16:50"}], "centos": [{"id": "CESA-2014:0449", "type": "centos", "title": "thunderbird security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:0449\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Thunderbird resolved hosts in\ncertain circumstances. An attacker could use this flaw to crash Thunderbird\nor, potentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. 
(CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Thunderbird decoded JPEG\nimages. Loading an email or a web page containing a specially crafted JPEG\nimage could cause Thunderbird to crash. (CVE-2014-1523)\n\nA flaw was found in the way Thunderbird handled browser navigations through\nhistory. An attacker could possibly use this flaw to cause the address bar\nof the browser to display a web page name while loading content from an\nentirely different web page, which could allow for cross-site scripting\n(XSS) attacks. (CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary\nKwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler,\nAbhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse\nSchwartzentrube as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.5.0. 
You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.5.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020272.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020276.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0449.html", "published": "2014-04-30T12:17:04", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-April/020272.html", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-03T18:26:06"}, {"id": "CESA-2014:0448", "type": "centos", "title": "firefox security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:0448\n\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)\n\nA use-after-free flaw was found in the way Firefox resolved hosts in\ncertain circumstances. An attacker could use this flaw to crash Firefox or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1532)\n\nAn out-of-bounds read flaw was found in the way Firefox decoded JPEG\nimages. Loading a web page containing a specially crafted JPEG image could\ncause Firefox to crash. 
(CVE-2014-1523)\n\nA flaw was found in the way Firefox handled browser navigations through\nhistory. An attacker could possibly use this flaw to cause the address bar\nof the browser to display a web page name while loading content from an\nentirely different web page, which could allow for cross-site scripting\n(XSS) attacks. (CVE-2014-1530)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary\nKwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler,\nAbhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse\nSchwartzentrube as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to this updated package, which contains\nFirefox version 24.5.0 ESR, which corrects these issues. 
After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020273.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-April/020274.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0448.html", "published": "2014-04-30T12:17:25", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-April/020273.html", "cvelist": ["CVE-2014-1530", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1524", "CVE-2014-1518"], "lastseen": "2017-10-03T18:26:49"}], "ubuntu": [{"id": "USN-2185-1", "type": "ubuntu", "title": "Firefox vulnerabilities", "description": "Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, John Schoenick, Karl Tomlinson, Vladimir Vukicevic and Christian Holler discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1518, CVE-2014-1519)\n\nAn out of bounds read was discovered in Web Audio. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1522)\n\nAbhishek Arya discovered an out of bounds read when decoding JPG images. An attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1523)\n\nAbhishek Arya discovered a buffer overflow when a script uses a non-XBL object as an XBL object. 
An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1524)\n\nAbhishek Arya discovered a use-after-free in the Text Track Manager when processing HTML video. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1525)\n\nJukka Jyl\u00e4nki discovered an out-of-bounds write in Cairo when working with canvas in some circumstances. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1528)\n\nMariusz Mlynski discovered that sites with notification permissions can run script in a privileged context in some circumstances. An attacker could exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1529)\n\nIt was discovered that browser history navigations could be used to load a site with the addressbar displaying the wrong address. An attacker could potentially exploit this to conduct cross-site scripting or phishing attacks. (CVE-2014-1530)\n\nA use-after-free was discovered when resizing images in some circumstances. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1531)\n\nChristian Heimes discovered that NSS did not handle IDNA domain prefixes correctly for wildcard certificates. An attacker could potentially exploit this by using a specially crafted certificate to conduct a man-in-the-middle attack. (CVE-2014-1492)\n\nTyson Smith and Jesse Schwartzentruber discovered a use-after-free during host resolution in some circumstances. 
An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1532)\n\nBoris Zbarsky discovered that the debugger bypassed XrayWrappers for some objects. If a user were tricked into opening a specially crafted website whilst using the debugger, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1526)", "published": "2014-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2185-1/", "cvelist": ["CVE-2014-1530", "CVE-2014-1522", "CVE-2014-1525", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1492", "CVE-2014-1524", "CVE-2014-1519", "CVE-2014-1526", "CVE-2014-1518", "CVE-2014-1528"], "lastseen": "2018-03-29T18:18:34"}], "freebsd": [{"id": "985D4D6C-CFBD-11E3-A003-B4B52FCE4CE8", "type": "freebsd", "title": "mozilla -- multiple vulnerabilities", "description": "\nThe Mozilla Project reports:\n\nMFSA 2014-34 Miscellaneous memory safety hazards\n\t (rv:29.0 / rv:24.5)\nMFSA 2014-35 Privilege escalation through Mozilla Maintenance\n\t Service Installer\nMFSA 2014-36 Web Audio memory corruption issues\nMFSA 2014-37 Out of bounds read while decoding JPG images\nMFSA 2014-38 Buffer overflow when using non-XBL object as\n\t XBL\nMFSA 2014-39 Use-after-free in the Text Track Manager\n\t for HTML video\nMFSA 2014-41 Out-of-bounds write in Cairo\nMFSA 2014-42 Privilege escalation through Web Notification\n\t API\nMFSA 2014-43 Cross-site scripting (XSS) using history\n\t navigations\nMFSA 2014-44 Use-after-free in imgLoader while resizing\n\t images\nMFSA 2014-45 Incorrect IDNA domain name matching for\n\t wildcard certificates\nMFSA 2014-46 Use-after-free in nsHostResolve\nMFSA 2014-47 Debugger can bypass XrayWrappers\n\t with JavaScript\n\n", "published": 
"2014-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/985d4d6c-cfbd-11e3-a003-b4b52fce4ce8.html", "cvelist": ["CVE-2014-1530", "CVE-2014-1527", "CVE-2014-1522", "CVE-2014-1525", "CVE-2014-1523", "CVE-2014-1529", "CVE-2014-1532", "CVE-2014-1531", "CVE-2014-1520", "CVE-2014-1492", "CVE-2014-1524", "CVE-2014-1519", "CVE-2014-1526", "CVE-2014-1518", "CVE-2014-1528"], "lastseen": "2016-09-26T17:24:25"}], "gentoo": [{"id": "GLSA-201504-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact. 
\n\n### Workaround\n\nThere are no known workarounds at this time.\n\n### Resolution\n\nAll firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-31.5.3\"\n \n\nAll firefox-bin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-31.5.3\"\n \n\nAll thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-31.5.0\"\n \n\nAll thunderbird-bin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-31.5.0\"\n \n\nAll seamonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.33.1\"\n \n\nAll seamonkey-bin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.33.1\"\n \n\nAll nspr users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nspr-4.10.6\"", "published": "2015-04-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201504-01", "lastseen": "2016-09-06T19:46:40"}]}}