Vulnerability Name:

CVE-2014-1514 (CCN-91882)

Assigned:2014-03-18
Published:2014-03-18
Updated:2020-08-05
Summary:vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-787
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-1514

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SU-2014:0418

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2014:0419

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2014:0448

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2014:0584

Source: REDHAT
Type: Third Party Advisory
RHSA-2014:0310

Source: CCN
Type: RHSA-2014-0316
Important: thunderbird security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2014:0316

Source: CCN
Type: SA57500
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

Source: CCN
Type: SA57510
Mozilla Firefox Multiple Vulnerabilities

Source: DEBIAN
Type: Third Party Advisory
DSA-2881

Source: DEBIAN
Type: Third Party Advisory
DSA-2911

Source: CCN
Type: MFSA 2014-32
Out-of-bounds write through TypedArrayObject after neutering

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-32.html

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: BID
Type: Third Party Advisory, VDB Entry
66240

Source: CCN
Type: BID-66240
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-2151-1

Source: CONFIRM
Type: Exploit, Issue Tracking, Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=983344

Source: XF
Type: UNKNOWN
mozilla-cve20141514-code-exec(91882)

Source: GENTOO
Type: Third Party Advisory
GLSA-201504-01

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-1514

Source: CCN
Type: ZDI-14-085
(Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version < 28.0)
  • OR cpe:/a:mozilla:firefox_esr:*:*:*:*:*:*:*:* (Version >= 24.0 and < 24.4)
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version < 2.25)
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version < 24.4)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*
  • OR cpe:/o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*

    • Configuration 4:
  • cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:27.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.24:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:24.3.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:609
    P
    		Security update for sqlite3 (Moderate) (in QA)
    2022-10-04
    oval:org.opensuse.security:def:20141514
    V
    		CVE-2014-1514
    2022-06-30
    oval:org.opensuse.security:def:1301
    P
    		Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Important)
    2022-04-14
    oval:org.opensuse.security:def:1693
    P
    		Security update for stunnel (Important)
    2022-03-16
    oval:org.opensuse.security:def:111898
    P
    		MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:64678
    P
    		Security update for apache2 (Important)
    2022-01-17
    oval:org.opensuse.security:def:111904
    P
    		MozillaThunderbird-45.5.1-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:113433
    P
    		seamonkey-2.40-6.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:945
    P
    		Security update for net-snmp (Important)
    2022-01-11
    oval:org.opensuse.security:def:31755
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:30166
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:32252
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:55979
    P
    		Security update for clamav (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:33047
    P
    		Security update for webkit2gtk3 (Important)
    2021-11-23
    oval:org.opensuse.security:def:33741
    P
    		Security update for postgresql, postgresql13, postgresql14 (Important)
    2021-11-20
    oval:org.opensuse.security:def:30147
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:1137
    P
    		Security update for the Linux Kernel (Important)
    2021-11-16
    oval:org.opensuse.security:def:33034
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:33024
    P
    		Security update for util-linux (Moderate)
    2021-10-19
    oval:org.opensuse.security:def:32203
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:33729
    P
    		Security update for MozillaFirefox (Important)
    2021-10-15
    oval:org.opensuse.security:def:105475
    P
    		MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:105477
    P
    		MozillaThunderbird-45.5.1-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:106834
    P
    		seamonkey-2.40-6.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:71352
    P
    		openssh-7.9p1-4.7 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:64765
    P
    		Security update for ghostscript (Critical)
    2021-09-15
    oval:org.opensuse.security:def:29417
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:26115
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32995
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:32985
    P
    		Security update for openssl (Important)
    2021-08-24
    oval:org.opensuse.security:def:47634
    P
    		gstreamer-plugins-base-1.8.3-12.11 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47831
    P
    		mutt-1.10.1-55.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48287
    P
    		python-pywbem-0.7.0-4.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47459
    P
    		pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48129
    P
    		libjansson4-2.12-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47131
    P
    		ppc64-diag-2.7.1-5.6 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48119
    P
    		libgraphite2-3-1.3.1-10.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47673
    P
    		libXdmcp6-1.1.1-12.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48320
    P
    		sysvinit-tools-2.88+-101.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47948
    P
    		apache-commons-httpclient-3.1-4.364 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47620
    P
    		git-core-2.12.3-27.14.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47683
    P
    		libXrender1-0.9.8-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48256
    P
    		pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47266
    P
    		glib2-lang-2.48.2-10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48045
    P
    		ibus-chewing-1.4.14-4.11 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47130
    P
    		powerpc-utils-1.3.2-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47987
    P
    		cyrus-sasl-2.1.26-8.7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47659
    P
    		krb5-appl-clients-1.0.3-1.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48172
    P
    		libpng12-0-1.2.50-19.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47755
    P
    		libopenssl1_1-1.1.1-1.9 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48358
    P
    		zypper-1.13.51-21.26.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47619
    P
    		giflib-progs-5.0.5-12.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47591
    P
    		dbus-1-1.8.22-29.10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48191
    P
    		libsmi-0.4.8-18.55 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47145
    P
    		rpcbind-0.2.3-21.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48211
    P
    		libunwind-1.1-11.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47794
    P
    		libtasn1-4.9-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47658
    P
    		krb5-1.12.5-40.28.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48080
    P
    		libXinerama1-1.1.3-3.54 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:29406
    P
    		Security update for cpio (Important)
    2021-08-14
    oval:org.opensuse.security:def:1732
    P
    		open-vm-tools-desktop-11.2.5-1.17 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1098
    P
    		libopenjp2-7-2.3.0-1.25 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:29405
    P
    		Security update for djvulibre (Important)
    2021-08-05
    oval:org.opensuse.security:def:30108
    P
    		Security update for libsndfile (Critical)
    2021-08-05
    oval:org.opensuse.security:def:32147
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:68012
    P
    		Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)
    2021-07-14
    oval:org.opensuse.security:def:30210
    P
    		Security update for ucode-intel (Important)
    2021-06-10
    oval:org.opensuse.security:def:2435
    P
    		MozillaThunderbird-52.8-1.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48886
    P
    		telepathy-gabble-0.18.3-5.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48719
    P
    		freerdp-1.0.2-7.9 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48776
    P
    		gnome-shell-calendar-3.20.4-70.4 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42478
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48618
    P
    		rsyslog-8.4.0-14.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36071
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:32936
    P
    		Security update for shim (Important)
    2021-06-08
    oval:org.opensuse.security:def:48359
    P
    		DirectFB-1.7.1-6.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48815
    P
    		raptor-2.0.10-3.67 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48657
    P
    		yast2-3.1.206-36.3 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36362
    P
    		MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48745
    P
    		libsilc-1_1-2-1.1.10-24.128 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48534
    P
    		libpng12-0-1.2.50-13.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:63524
    P
    		MozillaThunderbird-52.8-1.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48784
    P
    		libFLAC++6-32bit-1.3.0-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48573
    P
    		libzip2-0.11.1-12.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48847
    P
    		lhasa-0.2.0-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48680
    P
    		libIlmImf-Imf_2_1-21-32bit-2.1.0-4.5 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31623
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:55898
    P
    		Security update for python3 (Important)
    2021-05-17
    oval:org.opensuse.security:def:26046
    P
    		Security update for libxml2 (Moderate)
    2021-05-05
    oval:org.opensuse.security:def:33645
    P
    		Security update for samba (Important)
    2021-05-04
    oval:org.opensuse.security:def:30059
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP2) (Important)
    2021-04-12
    oval:org.opensuse.security:def:34044
    P
    		Security update for wavpack (Important)
    2021-03-24
    oval:org.opensuse.security:def:29489
    P
    		Security update for nghttp2 (Important)
    2021-03-24
    oval:org.opensuse.security:def:68112
    P
    		Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)
    2021-03-17
    oval:org.opensuse.security:def:55860
    P
    		Security update for wpa_supplicant (Important)
    2021-03-09
    oval:org.opensuse.security:def:33091
    P
    		Security update for openldap2 (Important)
    2021-03-03
    oval:org.opensuse.security:def:55301
    P
    		Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:28942
    P
    		Security update for java-1_8_0-ibm (Important)
    2021-02-26
    oval:org.opensuse.security:def:26197
    P
    		Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:26196
    P
    		Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:32262
    P
    		Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:32261
    P
    		Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:33768
    P
    		Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:32273
    P
    		Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:30004
    P
    		Security update for flac (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:55135
    P
    		Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:55786
    P
    		Security update for xen (Moderate)
    2020-12-22
    oval:org.opensuse.security:def:72109
    P
    		MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:103747
    P
    		MozillaThunderbird-60.6.1-3.28.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63563
    P
    		MozillaThunderbird-60.6.1-3.28.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:90092
    P
    		MozillaThunderbird-60.6.1-3.28.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2474
    P
    		MozillaThunderbird-60.6.1-3.28.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62390
    P
    		MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:71465
    P
    		cups-filters-1.25.0-1.107 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:28546
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:50119
    P
    		apache2-mod_php7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25911
    P
    		Security update for gstreamer-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:28263
    P
    		Security update for mercurial (Important)
    2020-12-01
    oval:org.opensuse.security:def:27643
    P
    		Security update for libssh2
    2020-12-01
    oval:org.opensuse.security:def:27949
    P
    		Security update for GraphicsMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27420
    P
    		imlib2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33798
    P
    		Security update for gd
    2020-12-01
    oval:org.opensuse.security:def:27847
    P
    		Security update for openldap2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34190
    P
    		Security update for opie
    2020-12-01
    oval:org.opensuse.security:def:27325
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27217
    P
    		libsoup-2_4-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33509
    P
    		Security update for openswan
    2020-12-01
    oval:org.opensuse.security:def:26626
    P
    		pam_mount on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27002
    P
    		openvpn on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33415
    P
    		Security update for zeromq (Important)
    2020-12-01
    oval:org.opensuse.security:def:26360
    P
    		Security update for MozillaThunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32579
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26861
    P
    		ant on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    		e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27069
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31991
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:26590
    P
    		libmusicbrainz4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32313
    P
    		Security update for quagga (Important)
    2020-12-01
    oval:org.opensuse.security:def:34897
    P
    		Security update for dbus-1
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26352
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30848
    P
    		Security update for dhcp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31538
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25824
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:50134
    P
    		MozillaThunderbird on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25621
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:54618
    P
    		libvdpau1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55586
    P
    		Security update for openssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29716
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:54455
    P
    		dracut on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29708
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:26284
    P
    		Security update for taglib (Low)
    2020-12-01
    oval:org.opensuse.security:def:28687
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28998
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:57255
    P
    		Security update for openssl-certs
    2020-12-01
    oval:org.opensuse.security:def:28461
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28893
    P
    		Security update for fetchmail (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27698
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:28252
    P
    		Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27559
    P
    		rubygem-i18n-0_6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27935
    P
    		Security update for GraphicsMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:34259
    P
    		Security update for postgresql94 (Important)
    2020-12-01
    oval:org.opensuse.security:def:27292
    P
    		squid on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27794
    P
    		Security update for libgcrypt
    2020-12-01
    oval:org.opensuse.security:def:34151
    P
    		Security update for openssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27060
    P
    		xorg-x11-libs-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    		MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33427
    P
    		Security update for Samba
    2020-12-01
    oval:org.opensuse.security:def:26569
    P
    		kde4-kgreeter-plugins on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32723
    P
    		libopenssl0_9_8 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26963
    P
    		libpng12-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49332
    P
    		socat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26296
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32485
    P
    		PolicyKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    		Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:26643
    P
    		systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26541
    P
    		evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32291
    P
    		Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50173
    P
    		MozillaThunderbird on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25912
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:26338
    P
    		Security update for Chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30885
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:31537
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    		Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:55029
    P
    		vino on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27216
    P
    		libsnmp15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54478
    P
    		glib2-lang on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29851
    P
    		Security update for Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:29621
    P
    		Security update for boost
    2020-12-01
    oval:org.opensuse.security:def:28631
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:28603
    P
    		Security update for usbmuxd
    2020-12-01
    oval:org.opensuse.security:def:28981
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34937
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:28330
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28839
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27993
    P
    		Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27733
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:27502
    P
    		libwpd-0_8-8 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33887
    P
    		Security update for kdebase4-runtime
    2020-12-01
    oval:org.opensuse.security:def:27896
    P
    		Security update for tidy (Low)
    2020-12-01
    oval:org.opensuse.security:def:34215
    P
    		Security update for php5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50080
    P
    		libvirt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25620
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27228
    P
    		libxcrypt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26710
    P
    		gnome-screensaver on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34102
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27016
    P
    		postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33416
    P
    		Security update for ImageMagick
    2020-12-01
    oval:org.opensuse.security:def:26488
    P
    		Security update for cacti, cacti-spine (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32636
    P
    		apache2-mod_php53 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26914
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27034
    P
    		stunnel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26285
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32350
    P
    		Security update for squid (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32879
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26629
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    		Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:57329
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31847
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26396
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:28251
    P
    		Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    		Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26299
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    		Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54856
    P
    		libecpg6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55694
    P
    		Security update for ghostscript (Low)
    2020-12-01
    oval:org.opensuse.security:def:29680
    P
    		Security update for ecryptfs-utils
    2020-12-01
    oval:org.opensuse.security:def:54456
    P
    		e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29765
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:49386
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29042
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:28666
    P
    		Security update for MozillaFirefox
    2020-12-01
    oval:org.mitre.oval:def:24858
    P
    		SUSE-SU-2014:0418-1 -- Security update for MozillaFirefox
    2015-03-16
    oval:org.mitre.oval:def:24625
    V
    		vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
    2014-10-06
    oval:org.mitre.oval:def:24097
    P
    		USN-2151-1 -- thunderbird vulnerabilities
    2014-07-21
    oval:org.mitre.oval:def:24293
    P
    		RHSA-2014:0310: firefox security update (Critical)
    2014-07-07
    oval:org.mitre.oval:def:23979
    P
    		RHSA-2014:0316: thunderbird security update (Important)
    2014-07-07
    oval:org.mitre.oval:def:23735
    P
    		USN-2150-1 -- firefox vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:24225
    P
    		DSA-2881-1 iceweasel - security update
    2014-06-23
    oval:org.mitre.oval:def:24418
    P
    		ELSA-2014:0316: thunderbird security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:24458
    P
    		ELSA-2014:0310: firefox security update (Critical)
    2014-05-26
    oval:org.opensuse.security:def:79963
    P
    		Security update for MozillaFirefox
    2014-03-20
    oval:com.redhat.rhsa:def:20140316
    P
    		RHSA-2014:0316: thunderbird security update (Important)
    2014-03-19
    oval:com.ubuntu.precise:def:20141514000
    V
    		CVE-2014-1514 on Ubuntu 12.04 LTS (precise) - medium.
    2014-03-19
    oval:com.redhat.rhsa:def:20140310
    P
    		RHSA-2014:0310: firefox security update (Critical)
    2014-03-18
    BACK
    mozilla firefox *
    mozilla firefox esr *
    mozilla seamonkey *
    mozilla thunderbird *
    debian debian linux 7.0
    debian debian linux 8.0
    suse suse linux enterprise software development kit 11.0 sp3
    opensuse opensuse 11.4
    opensuse opensuse 12.3
    opensuse opensuse 13.1
    suse suse linux enterprise desktop 11 sp3
    suse suse linux enterprise server 11 sp3
    suse suse linux enterprise server 11 sp3
    redhat enterprise linux desktop 5.0
    redhat enterprise linux desktop 6.0
    redhat enterprise linux eus 6.5
    redhat enterprise linux server 5.0
    redhat enterprise linux server 6.0
    redhat enterprise linux server aus 6.5
    redhat enterprise linux server eus 6.5
    redhat enterprise linux server tus 6.5
    redhat enterprise linux workstation 5.0
    redhat enterprise linux workstation 6.0
    canonical ubuntu linux 12.04
    canonical ubuntu linux 12.10
    canonical ubuntu linux 13.10
    mozilla firefox esr 24.3
    mozilla firefox 27.0
    mozilla seamonkey 2.24
    mozilla thunderbird 24.3.0
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6