Description: | Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1587, CVE-2014-1588)

Cody Crews discovered a way to trigger chrome-level XBL bindings from web content in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2014-1589)

Joe Vennix discovered a crash when using XMLHttpRequest in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-1590)

Muneaki Nishimura discovered that CSP violation reports did not remove path information in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2014-1591)

Berend-Jan Wever discovered a use-after-free during HTML parsing. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1592)

Abhishek Arya discovered a buffer overflow when parsing media content. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1593)

Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the compositor. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause undefined behaviour, a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1594) |