Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla seamonkey |
||
mozilla firefox |
Nine flaws scrubbed out
Mozilla has crushed nine bugs, some rather dangerous, in the latest version of its flagship browser. The fixes include a patch for a critical sandbox escape (CVE-2014-8643) in the Gecko Media Plugin used for h.264 video playback affecting Windows machines (but not OS X or Linux). Another critical hole addressed a read-after-free flaw (CVE-2014-8641) in WebRTC that affected Firefox and SeaMonkey and pertains to the way tracks are handled, leading to an exploitable crash or incorrect behaviour. A ...