Mozilla Firefox / Thunderbird Multiple Vulnerabilities

Last Update Date: 5 Sep 2014 Release Date: 4 Sep 2014 3709 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.

  1. Some unspecified errors can be exploited to cause memory corruption.
  2. A use-after-free error during cycle collection when animating SVG content, and when setting text directionality, can be exploited to cause memory corruption.
  3. An error when decoding GIF images can be exploited to disclose uninitialized memory contents via specially crafted GIF files.
  4. An out-of-bounds read error when creating an audio timeline in Web Audio can be exploited to disclose memory contents.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Firefox versions prior to 32, ESR 24.8
  • Thunderbird versions prior to 31.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to Firefox version 32, ESR 24.8, Thunderbird version 31.1.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apache HTTP Server Multiple vulnerabilities

5 Sep 2014 4183 Views

Next

LibreOffice Multiple Vulnerabilities

4 Sep 2014 3642 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY