[FREEBSD:42C98CEF-62B1-4B8B-9065-F4621E08D526] libvpx -- out-of-bounds write
Severity
High
Affected Packages
9
CVEs
1
The Mozilla Project reports:
Using the Address Sanitizer tool, security researcher
Abhishek Arya (Inferno) of the Google Chrome Security Team
found an out-of-bounds write when buffering WebM format
video containing frames with invalid tile sizes. This can
lead to a potentially exploitable crash during WebM video
playback.
Package | Affected Version |
---|---|
pkg:freebsd/thunderbird | < 31.1.2 |
pkg:freebsd/seamonkey | < 2.30 |
pkg:freebsd/linux-thunderbird | < 31.1.2 |
pkg:freebsd/linux-seamonkey | < 2.30 |
pkg:freebsd/linux-firefox | < 33.0,1 |
pkg:freebsd/libxul | < 31.1.2 |
pkg:freebsd/libvpx | < 1.4.0 |
pkg:freebsd/firefox-esr | < 31.1.2,1 |
pkg:freebsd/firefox | < 33.0,1 |
- ID
- FREEBSD:42C98CEF-62B1-4B8B-9065-F4621E08D526
- Severity
- high
- Severity from
- CVE-2014-1578
- URL
- http://vuxml.freebsd.org/freebsd/42c98cef-62b1-4b8b-9065-f4621e08d526.html
- Published
-
2014-10-14T00:00:00
(10 years ago) - Modified
-
2015-08-12T00:00:00
(9 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://www.mozilla.org/security/advisories/mfsa2014-77/ | ||
FreeBSD VuXML | https://hg.mozilla.org/releases/mozilla-esr31/rev/6023f0b4f8ba |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/thunderbird | thunderbird | < 31.1.2 | ||||
Affected | pkg:freebsd/seamonkey | seamonkey | < 2.30 | ||||
Affected | pkg:freebsd/linux-thunderbird | linux-thunderbird | < 31.1.2 | ||||
Affected | pkg:freebsd/linux-seamonkey | linux-seamonkey | < 2.30 | ||||
Affected | pkg:freebsd/linux-firefox | linux-firefox | < 33.0,1 | ||||
Affected | pkg:freebsd/libxul | libxul | < 31.1.2 | ||||
Affected | pkg:freebsd/libvpx | libvpx | < 1.4.0 | ||||
Affected | pkg:freebsd/firefox-esr | firefox-esr | < 31.1.2,1 | ||||
Affected | pkg:freebsd/firefox | firefox | < 33.0,1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |