- Home
- CVEs with nessus.description==The installed version of Firefox is a version prior to 29.0 and is,
therefore, potentially affected by the following vulnerabilities :
- An issue exists in the Network Security (NSS) library
due to improper handling of IDNA domain prefixes for
wildcard certificates. This issue could allow man-in-
the-middle attacks. (CVE-2014-1492)
- Memory issues exist that could lead to arbitrary code
execution. (CVE-2014-1518, CVE-2014-1519)
- An issue exists related to the 'Mozilla Maintenance
Service' that could lead to privilege escalation due to
the creation of a writeable temporary directory during
the update process. (CVE-2014-1520)
- An out-of-bounds read issue exists in the Web Audio
feature that could lead to information disclosure.
(CVE-2014-1522)
- An out-of-bounds read issue exists when decoding
certain JPG images that could lead to a denial of
service. (CVE-2014-1523)
- A memory corruption issue exists due to improper
validation of XBL objects that could lead to arbitrary
code execution. (CVE-2014-1524)
- A use-after-free memory issue exists in the Text Track
Manager during HTML video processing that could lead
to arbitrary code execution. (CVE-2014-1525)
- An issue exists related to the debugger bypassing
XrayWrappers that could lead to privilege escalation.
(CVE-2014-1526)
- An out-of-bounds write issue exists in the Cairo
graphics library that could lead to arbitrary code
execution. Note that this issue only affects Firefox
28 and SeaMonkey 2.25. (CVE-2014-1528)
- A security bypass issue exists in the Web Notification
API that could lead to arbitrary code execution.
(CVE-2014-1529)
- A cross-site scripting issue exists that could allow an
attacker to load another website other than the URL for
the website that is shown in the address bar.
(CVE-2014-1530)
- A use-after-free issue exists due to an 'imgLoader'
object being freed when being resized. This issue
could lead to arbitrary code execution. (CVE-2014-1531)
- A use-after-free issue exists during host resolution
that could lead to arbitrary code execution.
(CVE-2014-1532)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top