rhsa-2014_0310
Vulnerability from csaf_redhat
Published
2014-03-18 20:34
Modified
2024-11-22 07:40
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having Critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512,
CVE-2014-1513, CVE-2014-1514)
Several information disclosure flaws were found in the way Firefox
processed malformed web content. An attacker could use these flaws to gain
access to sensitive information such as cross-domain content or protected
memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497,
CVE-2014-1508, CVE-2014-1505)
A memory corruption flaw was found in the way Firefox rendered certain PDF
files. An attacker able to trick a user into installing a malicious
extension could use this flaw to crash Firefox or, potentially, execute
arbitrary code with the privileges of the user running Firefox.
(CVE-2014-1509)
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij,
Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith,
Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski,
Jüri Aedla, George Hotz, and the security research firm VUPEN as the
original reporters of these issues.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Firefox users should upgrade to these updated packages, which contain
Firefox version 24.4.0 ESR, which corrects these issues. After installing
the update, Firefox must be restarted for the changes to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512,\nCVE-2014-1513, CVE-2014-1514)\n\nSeveral information disclosure flaws were found in the way Firefox\nprocessed malformed web content. An attacker could use these flaws to gain\naccess to sensitive information such as cross-domain content or protected\nmemory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497,\nCVE-2014-1508, CVE-2014-1505)\n\nA memory corruption flaw was found in the way Firefox rendered certain PDF\nfiles. An attacker able to trick a user into installing a malicious\nextension could use this flaw to crash Firefox or, potentially, execute\narbitrary code with the privileges of the user running Firefox.\n(CVE-2014-1509)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij,\nJesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith,\nJesse Schwartzentruber, John Thomson, Robert O\u0027Callahan, Mariusz Mlynski,\nJ\u00fcri Aedla, George Hotz, and the security research firm VUPEN as the\noriginal reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 24.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0310",
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html",
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html"
},
{
"category": "external",
"summary": "1077013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077013"
},
{
"category": "external",
"summary": "1077016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077016"
},
{
"category": "external",
"summary": "1077025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077025"
},
{
"category": "external",
"summary": "1077028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077028"
},
{
"category": "external",
"summary": "1077029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077029"
},
{
"category": "external",
"summary": "1077490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077490"
},
{
"category": "external",
"summary": "1077491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077491"
},
{
"category": "external",
"summary": "1077492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077492"
},
{
"category": "external",
"summary": "1077494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077494"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0310.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T07:40:11+00:00",
"generator": {
"date": "2024-11-22T07:40:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0310",
"initial_release_date": "2014-03-18T20:34:18+00:00",
"revision_history": [
{
"date": "2014-03-18T20:34:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-03-18T20:34:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:40:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.i386",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.i386",
"product_id": "firefox-0:24.4.0-1.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.x86_64",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.x86_64",
"product_id": "firefox-0:24.4.0-1.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.x86_64",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.x86_64",
"product_id": "firefox-0:24.4.0-1.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.src",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.src",
"product_id": "firefox-0:24.4.0-1.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.src",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.src",
"product_id": "firefox-0:24.4.0-1.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.ppc",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.ppc",
"product_id": "firefox-0:24.4.0-1.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.ppc",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.ppc",
"product_id": "firefox-0:24.4.0-1.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.s390x",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.s390x",
"product_id": "firefox-0:24.4.0-1.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.s390x",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.s390x",
"product_id": "firefox-0:24.4.0-1.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.s390",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.s390",
"product_id": "firefox-0:24.4.0-1.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.s390",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.s390",
"product_id": "firefox-0:24.4.0-1.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"product_id": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el5_10.ia64",
"product": {
"name": "firefox-0:24.4.0-1.el5_10.ia64",
"product_id": "firefox-0:24.4.0-1.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.i686",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.i686",
"product_id": "firefox-0:24.4.0-1.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"product": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"product_id": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.4.0-1.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.4.0-1.el6_5.ppc64",
"product": {
"name": "firefox-0:24.4.0-1.el6_5.ppc64",
"product_id": "firefox-0:24.4.0-1.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.4.0-1.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.src",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.src",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
}
],
"cve": "CVE-2014-1493",
"discovery_date": "2014-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077013"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Miscellaneous memory safety hazards (rv:24.4) (MFSA 2014-15)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1493"
},
{
"category": "external",
"summary": "RHBZ#1077013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1493",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1493"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1493",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1493"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-15.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Miscellaneous memory safety hazards (rv:24.4) (MFSA 2014-15)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Atte Kettunen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1497",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2014-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077016"
}
],
"notes": [
{
"category": "description",
"text": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Out of bounds read during WAV file decoding (MFSA 2014-17)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1497"
},
{
"category": "external",
"summary": "RHBZ#1077016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1497",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1497"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1497",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1497"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-17.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Out of bounds read during WAV file decoding (MFSA 2014-17)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Robert O\u0027Callahan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1505",
"discovery_date": "2014-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077029"
}
],
"notes": [
{
"category": "description",
"text": "The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1505"
},
{
"category": "external",
"summary": "RHBZ#1077029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1505",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1505"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-28.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-28.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Tyson Smith",
"Jesse Schwartzentruber"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1508",
"discovery_date": "2014-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077025"
}
],
"notes": [
{
"category": "description",
"text": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1508"
},
{
"category": "external",
"summary": "RHBZ#1077025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1508",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1508"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-26.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"John Thomson"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1509",
"discovery_date": "2014-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077028"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory corruption in Cairo during PDF font rendering (MFSA 2014-27)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1509"
},
{
"category": "external",
"summary": "RHBZ#1077028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1509",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1509"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1509",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1509"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-27.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Memory corruption in Cairo during PDF font rendering (MFSA 2014-27)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Mariusz Mlynski"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1510",
"discovery_date": "2014-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077490"
}
],
"notes": [
{
"category": "description",
"text": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1510"
},
{
"category": "external",
"summary": "RHBZ#1077490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1510",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1510"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Mariusz Mlynski"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1511",
"discovery_date": "2014-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077490"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1511"
},
{
"category": "external",
"summary": "RHBZ#1077490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1511",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1511"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-29.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Security research firm VUPEN"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1512",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077491"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in TypeObject (MFSA 2014-30)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1512"
},
{
"category": "external",
"summary": "RHBZ#1077491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077491"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1512",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1512"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-30.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Use-after-free in TypeObject (MFSA 2014-30)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"J\u00fcri Aedla"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1513",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2014-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077492"
}
],
"notes": [
{
"category": "description",
"text": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Out-of-bounds read/write through neutering ArrayBuffer objects (MFSA 2014-31)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1513"
},
{
"category": "external",
"summary": "RHBZ#1077492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1513"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-31.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Out-of-bounds read/write through neutering ArrayBuffer objects (MFSA 2014-31)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"George Hotz"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1514",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2014-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1077494"
}
],
"notes": [
{
"category": "description",
"text": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Out-of-bounds write through TypedArrayObject after neutering (MFSA 2014-32)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1514"
},
{
"category": "external",
"summary": "RHBZ#1077494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1514",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1514"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html"
}
],
"release_date": "2014-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-03-18T20:34:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0310"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Client-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.src",
"5Server-5.10.Z:firefox-0:24.4.0-1.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.4.0-1.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Client-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Server-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.4.0-1.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.4.0-1.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Out-of-bounds write through TypedArrayObject after neutering (MFSA 2014-32)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.