CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-1580 – Firefox / MSIE Memory Disclosure Bugs
https://notcve.org/view.php?id=CVE-2014-1580
Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element. Mozilla Firefox anterior a 33.0 no inicializa debidamente la memoria para los imágenes GIF, lo que permite a atacantes remotos obtener información sensible de la memoria de procesos a través de una página web manipulada que provoca una secuencia de operaciones de renderización para datos GIF truncados dentro de un elemento CANVAS. Firefox versions prior to 33 leak bits of uninitialized memory when rendering certain types of truncated images onto canvas tags. Secondly, MSRC case #19611cz is a seemingly similar issue with Internet Explorer apparently using bits of uninitialized stack data when handling JPEG files with an oddball DHT. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 http://www.mozilla.org/security/announce/2014/mfsa2014-78.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-1582
https://notcve.org/view.php?id=CVE-2014-1582
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority. La implementación Public Key Pinning (PKP) en Mozilla Firefox anterior a 33.0 no considera debidamente el comportamiento de la integración de conexiones (connection-coalescing) de SPDY y HTTP/2 en el caso de una dirección IP compartida, lo que permite a atacantes man-in-the-middle evadir una configuración de fijación (pinning) y suplantar un sitio web mediante la provisión de un certificado válido de una autoridad de certificación reconocida y arbitraria. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 http://www.mozilla.org/security/announce/2014/mfsa2014-80.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2014-1585
https://notcve.org/view.php?id=CVE-2014-1585
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming. La caracteristica de compartir vídeos WebRTC en dom/media/MediaManager.cpp en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 no reconoce debidamente las acciones Stop Sharing para los vídeos en los elementos IFRAME, lo que permite a atacantes remotos obtener información sensible de la camera local mediante el mantenimiento de una sesión después de que el usuario intente descontinuar el flujo. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html •
CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 1CVE-2014-1575
https://notcve.org/view.php?id=CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 33.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores relacionados con la interacción indebida entre el hilo y la recolección de basura en la función GCRuntime::triggerGC en js/src/jsgc.cpp, y otros vectores desconocidos. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 http://www.mozilla.org/security/announce/2014/mfsa2014-74.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.4EPSS: 8%CPEs: 8EXPL: 0CVE-2014-1577 – Mozilla: Web Audio memory corruption issues with custom waveforms (MFSA 2014-76)
https://notcve.org/view.php?id=CVE-2014-1577
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value. La función mozilla::dom::OscillatorNodeEngine::ComputeCustom en el subsistema Web Audio en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 permite a atacantes remotos obtener información sensible de la memoria de procesos o causar una denegación de servicio (lectura fuera de rango, corrupción de memoria y caída de aplicación) a través de una forma de ola personalizada inválida que provoca un cálculo de un valor negativo de frecuencia. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html •