CVE-2014-1593

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox Esr; Firefox; Seamonkey; Thunderbird
Vendor: CVE Published:; 11 December 2014

Summary

Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

https://bugzilla.mozilla.org/show_bug.cgi?id=1085175

x_refsource_CONFIRM

https://security.gentoo.org/glsa/201504-01

vendor-advisoryx_refsource_GENTOO

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 11, 2014
Vulnerability Reserved
Jan 16, 2014