- Home
- CVEs with nessus.description==The installed version of Firefox ESR 24.x is a version prior to 24.4.
It is, therefore, potentially affected by the following vulnerabilities :
- Memory issues exist that could lead to arbitrary code execution. (CVE-2014-1493, CVE-2014-1494)
- A flaw exists in the checkHandshake() function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2014-1495)
- An issue exists where extracted files for updates are not read-only while updating. An attacker may be able to modify these extracted files resulting in privilege escalation. (CVE-2014-1496)
- An out-of-bounds read error exists when decoding WAV format audio files that could lead to a denial of service attack or information disclosure.
(CVE-2014-1497)
- An out-of-bounds read error exists when polygons are rendered in 'MathML' that could lead to information disclosure. (CVE-2014-1508)
- A memory corruption issue exists in the Cairo graphics library when rendering a PDF file that could lead to arbitrary code execution or a denial of service attack.
(CVE-2014-1509)
- An issue exists in the SVG filters and the feDisplacementMap element that could lead to information disclosure via timing attacks.
(CVE-2014-1505)
- An issue exists that could allow malicious websites to load chrome-privileged pages when JavaScript implemented WebIDL calls the 'window.open()' function, which could result in arbitrary code execution.
(CVE-2014-1510)
- An issue exists that could allow a malicious website to bypass the pop-up blocker. (CVE-2014-1511)
- A use-after-free memory issue exists in 'TypeObjects' in the JavaScript engine during Garbage Collection that could lead to arbitrary code execution.
(CVE-2014-1512)
- An out-of-bounds write error exists due to 'TypedArrayObject' improperly handling 'ArrayBuffer' objects that could result in arbitrary code execution.
(CVE-2014-1513)
- An out-of-bounds write error exists when copying values from one array to another that could result in arbitrary code execution. (CVE-2014-1514)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top