CVE-2014-1593: Buffer Overflow
First published: Thu Dec 11 2014(Updated: )
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <=33.0 | |
| Mozilla Firefox ESR | <=31.2 | |
| Mozilla SeaMonkey | <=2.30 | |
| Mozilla Thunderbird | <=31.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
- http://www.debian.org/security/2014/dsa-3090
- http://www.debian.org/security/2014/dsa-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.securityfocus.com/bid/71395
- https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
- https://security.gentoo.org/glsa/201504-01
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/33.0
- canonical/mozilla firefox esr
- version/mozilla firefox esr/31.2
- canonical/mozilla seamonkey
- version/mozilla seamonkey/2.30
- canonical/mozilla thunderbird
- version/mozilla thunderbird/31.2