Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1528

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-1528
Last Modified 10 Aug 2015 10:58:43
Published 30 Apr 2014 06:49:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1528

Summary

The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.

Vulnerable Systems

Application

  • Mozilla Firefox 28.0

  • Mozilla Seamonkey 2.25


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=963962

CONFIRM - http://www.mozilla.org/security/announce/2014/mfsa2014-41.html

FEDORA - FEDORA-2014-5829

UBUNTU - USN-2185-1

SUSE - openSUSE-SU-2014:0629

SUSE - openSUSE-SU-2014:0599

SECUNIA - 59866

SECTRACK - 1030164

SECTRACK - 1030163

Related Patches

Mozilla Firefox (en-us) 29.0 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 11:08:48