[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-8641Date: (C)2015-01-14   (M)2024-03-27


Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1031533
SECUNIA-62237
SECUNIA-62242
SECUNIA-62250
SECUNIA-62253
SECUNIA-62273
SECUNIA-62293
SECUNIA-62313
SECUNIA-62316
SECUNIA-62418
SECUNIA-62446
SECUNIA-62790
BID-72044
DSA-3127
GLSA-201504-01
RHSA-2015:0046
SUSE-SU-2015:0171
SUSE-SU-2015:0173
SUSE-SU-2015:0180
firefox-cve20148641-dos(99961)
http://linux.oracle.com/errata/ELSA-2015-0046.html
http://www.mozilla.org/security/announce/2014/mfsa2015-06.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1108455
openSUSE-SU-2015:0077
openSUSE-SU-2015:0192

CPE    7
cpe:/a:mozilla:firefox_esr:31.1.0
cpe:/a:mozilla:firefox_esr:31.1.1
cpe:/a:mozilla:firefox_esr:31.3.0
cpe:/a:mozilla:firefox_esr:31.0
...
OVAL    21
oval:org.secpod.oval:def:1500878
oval:org.secpod.oval:def:108325
oval:org.secpod.oval:def:702363
oval:org.secpod.oval:def:108308
...

© SecPod Technologies