Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8643

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2014-8643
Last Modified 27 Feb 2015 03:13:32
Published 14 Jan 2015 06:59:11
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8643

Summary

Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.

Vulnerable Systems

Operating System

  • Novell Opensuse 13.1

  • Novell Opensuse 13.2

Application

  • Mozilla Firefox 34.0.5


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=1117140

CONFIRM - http://www.mozilla.org/security/announce/2014/mfsa2015-07.html

SECTRACK - 1031533

SECUNIA - 62446

SUSE - openSUSE-SU-2015:0192

SUSE - openSUSE-SU-2015:0077

Related Patches

Mozilla Firefox 35.0 for Mac OS X (See Notes)


Last Updated: 27 May 2016 11:07:57