Buffer Overflow Vulnerability in Mozilla Products
CVE-2014-1593

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox Esr; Firefox; Seamonkey; Thunderbird
Vendor: CVE Published:; 11 December 2014

Summary

A stack-based buffer overflow vulnerability in the mozilla::FileBlockCache::Read function could allow remote attackers to execute arbitrary code. The flaw affects multiple versions of Mozilla Firefox, Thunderbird, and SeaMonkey, creating a risk when users encounter specially crafted media content.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://bugzilla.mozilla.org/show_bug.cgi?id=1085175

x_refsource_CONFIRM

https://security.gentoo.org/glsa/201504-01

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Dec 11, 2014
Vulnerability Reserved
Jan 16, 2014