| Description: | Mozilla Firefox has been updated to the 31.3ESR release fixing bugs andsecurity issues. * MFSA 2014-83 / CVE-2014-1588 / CVE-2014-1587: Mozilla developers andcommunity identified and fixed several memory safety bugs in the browserengine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certaincircumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * MFSA 2014-85 / CVE-2014-1590: Security researcher Joe Vennix fromRapid7 reported that passing a JavaScript object to XMLHttpRequest thatmimics an input stream will a crash. This crash is not exploitable and canonly be used for denial of service attacks. * MFSA 2014-87 / CVE-2014-1592: Security researcher Berend-Jan Weverreported a use-after-free created by triggering the creation of a secondroot element while parsing HTML written to a document created withdocument.open(). This leads to a potentially exploitable crash. * MFSA 2014-88 / CVE-2014-1593: Security researcher Abhishek Arya(Inferno) of the Google Chrome Security Team used the Address Sanitizertool to discover a buffer overflow during the parsing of media content.This leads to a potentially exploitable crash. * MFSA 2014-89 / CVE-2014-1594: Security researchers Byoungyoung Lee,Chengyu Song, and Taesoo Kim at the Georgia Tech Information SecurityCenter (GTISC) reported a bad casting from the BasicThebesLayer toBasicContainerLayer, resulting in undefined behavior. This behavior ispotentially exploitable with some compilers but no clear mechanism totrigger it through web content was identified. * MFSA 2014-90 / CVE-2014-1595: Security researcher Kent Howardreported an Apple issue present in OS X 10.10 (Yosemite) where log filesare created by the CoreGraphics framework of OS X in the /tmp localdirectory. These log files contain a record of all inputs into Mozillaprograms during their operation. In versions of OS X from versions 10.6through 10.9, the CoreGraphics had this logging ability but it was turnedoff by default. In OS X 10.10, this logging was turned on by default forsome applications that use a custom memory allocator, such as jemalloc,because of an initialization bug in the framework. This issue has beenaddressed in Mozilla products by explicitly turning off the framework'slogging of input events. On vulnerable systems, this issue can result inprivate data such as usernames, passwords, and other inputed data beingsaved to a log file on the local system.Security Issues: * CVE-2014-1587 * CVE-2014-1588 * CVE-2014-1589 * CVE-2014-1590 * CVE-2014-1591 * CVE-2014-1592 * CVE-2014-1593 * CVE-2014-1594 * CVE-2014-1595 |