Published: 14/01/2015 Updated: 03/01/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla seamonkey
mozilla firefox

USN-2458-1 introduced a regression in Firefox ...

This update provides compatible packages for Firefox 35 ...

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Mozilla Foundation Security Advisory 2015-01 Miscellaneous memory safety hazards (rv:350 / rv:314) Announced January 13, 2015 Reporter Mozilla Developers Impact Critical Products Firefox, Firefox ESR, Firefox OS, SeaMonkey, ...

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 350 and SeaMonkey before 232 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors ...

Firefox 35 stamps out critical bugs

The Register • Darren Pauli • 19 Jan 2015

Nine flaws scrubbed out

Mozilla has crushed nine bugs, some rather dangerous, in the latest version of its flagship browser. The fixes include a patch for a critical sandbox escape (CVE-2014-8643) in the Gecko Media Plugin used for h.264 video playback affecting Windows machines (but not OS X or Linux). Another critical hole addressed a read-after-free flaw (CVE-2014-8641) in WebRTC that affected Firefox and SeaMonkey and pertains to the way tracks are handled, leading to an exploitable crash or incorrect behaviour. A ...

NVD-CWE-noinfo https://bugzilla.mozilla.org/show_bug.cgi?id=1067473 https://bugzilla.mozilla.org/show_bug.cgi?id=1026774 https://bugzilla.mozilla.org/show_bug.cgi?id=1072871 https://bugzilla.mozilla.org/show_bug.cgi?id=1070962 https://bugzilla.mozilla.org/show_bug.cgi?id=1027300 https://bugzilla.mozilla.org/show_bug.cgi?id=1054538 https://bugzilla.mozilla.org/show_bug.cgi?id=1098583 http://www.mozilla.org/security/announce/2014/mfsa2015-01.html https://bugzilla.mozilla.org/show_bug.cgi?id=1072130 http://secunia.com/advisories/62242 http://secunia.com/advisories/62250 http://www.securitytracker.com/id/1031533 http://secunia.com/advisories/62446 http://secunia.com/advisories/62790 http://secunia.com/advisories/62657 http://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/72050 https://security.gentoo.org/glsa/201504-01 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.securitytracker.com/id/1031534 http://secunia.com/advisories/62418 http://secunia.com/advisories/62316 http://secunia.com/advisories/62253 https://nvd.nist.gov https://usn.ubuntu.com/2458-3/https://access.redhat.com/security/cve/cve-2014-8635

CVE-2014-8635

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect