Use-After-Free Vulnerability in Mozilla Firefox and SeaMonkey WebRTC Implementation
CVE-2014-8641

Currently unrated

Key Information:

Vendor: Mozilla
Status: Seamonkey
Vendor: CVE Published:; 14 January 2015

What is CVE-2014-8641?

A use-after-free vulnerability exists in the WebRTC implementation of Mozilla Firefox and SeaMonkey prior to specified versions. Attackers can exploit this flaw by crafting malicious track data, potentially leading to arbitrary code execution on an affected system. This vulnerability highlights the need for users to maintain updated versions of the browser to mitigate security risks.

References

http://rhn.redhat.com/errata/RHSA-2015-0046.html

vendor-advisoryx_refsource_REDHAT

http://www.mozilla.org/security/announce/2014/mfsa2015-06...

x_refsource_CONFIRM

http://secunia.com/advisories/62242

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2015
Vulnerability Reserved
Nov 6, 2014