Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2014:0638-1
HistoryMay 14, 2014 - 1:04 a.m.

Security update for Mozilla Firefox (important)

2014-05-1401:04:17
lists.opensuse.org
17

0.021 Low

EPSS

Percentile

89.2%

JSON

This Mozilla Firefox and Mozilla NSS update to 24.5.0esr fixes the
following several security and non-security issues:

  • MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards
  • MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG
    images
  • MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object
    as XBL
  • MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web
    Notification API
  • MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history
    navigations
  • MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while
    resizing images
  • MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver

Mozilla NSS has been updated to 3.16:

  • required for Firefox 29
  • CVE-2014-1492: In a wildcard certificate, the wildcard character
    should not be embedded within the U-label of an internationalized domain
    name. See the last bullet point in RFC 6125, Section 7.2.
  • Update of root certificates.
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Software Development Kit11.3ia64mozilla-nspr-devel< 4.10.4-0.3.1mozilla-nspr-devel-4.10.4-0.3.1.ia64.rpm
SUSE Linux Enterprise Server11.3s390xmozillafirefox-translations< 24.5.0esr-0.8.1MozillaFirefox-translations-24.5.0esr-0.8.1.s390x.rpm
SUSE Linux Enterprise Server11.3x86_64mozillafirefox-translations< 24.5.0esr-0.8.1MozillaFirefox-translations-24.5.0esr-0.8.1.x86_64.rpm
SUSE Linux Enterprise Server11.3ia64mozillafirefox-branding-sled< 24-0.7.36MozillaFirefox-branding-SLED-24-0.7.36.ia64.rpm
SUSE Linux Enterprise Server11.3i586mozillafirefox< 24.5.0esr-0.8.1MozillaFirefox-24.5.0esr-0.8.1.i586.rpm
SUSE Linux Enterprise Server11.3ia64mozilla-nss-x86< 3.16-0.8.1mozilla-nss-x86-3.16-0.8.1.ia64.rpm
SUSE Linux Enterprise Server for VMware11.3i586mozillafirefox-translations< 24.5.0esr-0.8.1MozillaFirefox-translations-24.5.0esr-0.8.1.i586.rpm
SUSE Linux Enterprise Server11.3ia64libsoftokn3< 3.16-0.8.1libsoftokn3-3.16-0.8.1.ia64.rpm
SUSE Linux Enterprise Server11.3s390xlibfreebl3< 3.16-0.8.1libfreebl3-3.16-0.8.1.s390x.rpm
SUSE Linux Enterprise Server for VMware11.3i586mozilla-nss-tools< 3.16-0.8.1mozilla-nss-tools-3.16-0.8.1.i586.rpm
Rows per page:
1-10 of 1091

Related

openvas 59
nessus 43
suse 4
osv 2
centos 3
oraclelinux 3
redhat 3
debian 2
veracode 8
ubuntu 3
mageia 2
ibm 2
freebsd 1
securityvulns 2
cve 9
packetstorm 1
cvelist 9
nvd 9
zdt 1
mozilla 9
ubuntucve 9
slackware 1
prion 9
seebug 1
debiancve 1
amazon 3
openvas
openvas
SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0638-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0638-2)
2021-06-09 00:00:00
SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0638-2)
2015-10-16 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 9185)
2014-05-14 00:00:00
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2014:0727-1)
2015-05-20 00:00:00
SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2014:0665-1)
2015-05-20 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2014-05-16 02:05:07
Security update for Mozilla Firefox (important)
2014-05-16 02:04:19
Security update for Mozilla Firefox (important)
2014-05-28 22:05:08
osv
osv
icedove - security update
2014-05-05 00:00:00
iceweasel - security update
2014-04-30 00:00:00
centos
centos
firefox security update
2014-04-30 12:17:25
thunderbird security update
2014-04-30 12:17:04
nss security update
2014-08-18 21:47:41
oraclelinux
oraclelinux
firefox security update
2014-04-30 00:00:00
thunderbird security update
2014-04-30 00:00:00
nss, nss-util, nss-softokn security, bug fix, and enhancement update
2014-08-18 00:00:00
redhat
redhat
(RHSA-2014:0448) Critical: firefox security update
2014-04-29 00:00:00
(RHSA-2014:0449) Important: thunderbird security update
2014-04-29 00:00:00
(RHSA-2014:1073) Low: nss, nss-util, nss-softokn security, bug fix, and enhancement update
2014-08-18 00:00:00
debian
debian
[SECURITY] [DSA 2924-1] icedove security update
2014-05-05 15:31:23
[SECURITY] [DSA 2918-1] iceweasel security update
2014-04-30 13:54:12
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:57:48
Cross-Site Scripting (XSS)
2019-05-02 04:57:49
Arbitrary Code Execution
2019-05-02 04:57:49
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-04-30 00:00:00
Firefox vulnerabilities
2014-04-29 00:00:00
NSS vulnerability
2014-04-02 00:00:00
mageia
mageia
Updated firefox & thunderbird packages fix multiple vulnerabilities
2014-05-02 22:03:24
Updated iceape packages fix multiple vulnerabilities
2014-06-11 20:56:59
ibm
ibm
Security Bulletin: IBM Storwize V7000 Unified security vulnerabilities related to Mozilla Firefox (CVE-2014-1518, CVE-2014-1523, CVE-2014-1524, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)
2018-06-18 00:08:28
Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2014-1518, CVE-2014-1523, CVE-2014-1524, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)
2018-06-18 00:08:33
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-04-29 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-05-01 00:00:00
[ MDVSA-2014:066 ] nss
2014-03-24 00:00:00
cve
cve
CVE-2014-1520
2014-04-30 10:49:04
CVE-2014-1524
2014-04-30 10:49:04
CVE-2014-1523
2014-04-30 10:49:04
packetstorm
packetstorm
Mozilla Firefox DLL Hijacking
2016-06-15 00:00:00
cvelist
cvelist
CVE-2014-1520
2014-04-30 10:00:00
CVE-2014-1518
2014-04-30 10:00:00
CVE-2014-1523
2014-04-30 10:00:00
nvd
nvd
CVE-2014-1520
2014-04-30 10:49:04
CVE-2014-1524
2014-04-30 10:49:04
CVE-2014-1518
2014-04-30 10:49:04
zdt
zdt
Mozilla Arbitrary Code Execution / Privilege Escalation Vulnerability
2021-03-09 00:00:00
mozilla
mozilla
Buffer overflow when using non-XBL object as XBL — Mozilla
2014-04-29 00:00:00
Privilege escalation through Mozilla Maintenance Service Installer — Mozilla
2014-04-29 00:00:00
Use-after-free in nsHostResolver — Mozilla
2014-04-29 00:00:00
ubuntucve
ubuntucve
CVE-2014-1524
2014-04-29 00:00:00
CVE-2014-1520
2014-04-30 00:00:00
CVE-2014-1518
2014-04-29 00:00:00
slackware
slackware
[slackware-security] mozilla-nss
2014-03-28 22:54:39
prion
prion
Directory traversal
2014-04-30 10:49:00
Buffer overflow
2014-04-30 10:49:00
Memory corruption
2014-04-30 10:49:00
seebug
seebug
Mozilla Network Security Services 'p12creat.c'内存破坏漏洞
2014-03-25 00:00:00
debiancve
debiancve
CVE-2014-1492
2014-03-25 13:25:38
amazon
amazon
Medium: ruby22
2015-05-27 14:06:00
Medium: ruby19
2015-05-27 14:05:00
Medium: ruby20
2015-05-27 14:05:00

0.021 Low

EPSS

Percentile

89.2%

JSON
Related for SUSE-SU-2014:0638-1
openvas59nessus43suse4osv2centos3oraclelinux3redhat3debian2veracode8ubuntu3mageia2ibm2freebsd1securityvulns2cve9packetstorm1cvelist9nvd9zdt1mozilla9ubuntucve9slackware1prion9seebug1debiancve1amazon3