usn-2424-1
Vulnerability from osv_ubuntu
Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1587, CVE-2014-1588)
Cody Crews discovered a way to trigger chrome-level XBL bindings from web content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2014-1589)
Joe Vennix discovered a crash when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-1590)
Muneaki Nishimura discovered that CSP violation reports did not remove path information in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2014-1591)
Berend-Jan Wever discovered a use-after-free during HTML parsing. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1592)
Abhishek Arya discovered a buffer overflow when parsing media content. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1593)
Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the compositor. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause undefined behaviour, a denial of service via application crash or execute abitrary code with the privileges of the user invoking Firefox. (CVE-2014-1594)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2014-1587",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1588",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1589",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1590",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1591",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1592",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1593",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1594",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "firefox",
"binary_version": "34.0+build2-0ubuntu0.14.04.1"
},
{
"binary_name": "firefox-globalmenu",
"binary_version": "34.0+build2-0ubuntu0.14.04.1"
},
{
"binary_name": "firefox-mozsymbols",
"binary_version": "34.0+build2-0ubuntu0.14.04.1"
},
{
"binary_name": "firefox-testsuite",
"binary_version": "34.0+build2-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "firefox",
"purl": "pkg:deb/ubuntu/firefox@34.0+build2-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "34.0+build2-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"24.0+build1-0ubuntu1",
"25.0+build3-0ubuntu0.13.10.1",
"28.0~b2+build1-0ubuntu2",
"28.0+build1-0ubuntu1",
"28.0+build2-0ubuntu1",
"28.0+build2-0ubuntu2",
"29.0+build1-0ubuntu0.14.04.2",
"30.0+build1-0ubuntu0.14.04.3",
"31.0+build1-0ubuntu0.14.04.1",
"32.0+build1-0ubuntu0.14.04.1",
"32.0.3+build1-0ubuntu0.14.04.1",
"33.0+build2-0ubuntu0.14.04.1"
]
}
],
"aliases": [],
"details": "Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas\nWerner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric\nRescorla, and Xidorn Quan discovered multiple memory safety issues in\nFirefox. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit these to cause a denial of service\nvia application crash, or execute arbitrary code with the privileges of\nthe user invoking Firefox. (CVE-2014-1587, CVE-2014-1588)\n\nCody Crews discovered a way to trigger chrome-level XBL bindings from web\ncontent in some circumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\nbypass security restrictions. (CVE-2014-1589)\n\nJoe Vennix discovered a crash when using XMLHttpRequest in some\ncircumstances. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial of\nservice. (CVE-2014-1590)\n\nMuneaki Nishimura discovered that CSP violation reports did not remove\npath information in some circumstances. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to obtain sensitive information. (CVE-2014-1591)\n\nBerend-Jan Wever discovered a use-after-free during HTML parsing. If a\nuser were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2014-1592)\n\nAbhishek Arya discovered a buffer overflow when parsing media content. If\na user were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2014-1593)\n\nByoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the\ncompositor. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause undefined\nbehaviour, a denial of service via application crash or execute abitrary\ncode with the privileges of the user invoking Firefox. (CVE-2014-1594)\n",
"id": "USN-2424-1",
"modified": "2026-04-22T07:36:32Z",
"published": "2014-12-02T20:24:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2424-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1587"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1588"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1589"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1590"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1591"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1592"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1593"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1594"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "firefox vulnerabilities",
"upstream": [
"UBUNTU-CVE-2014-1587",
"UBUNTU-CVE-2014-1588",
"UBUNTU-CVE-2014-1589",
"UBUNTU-CVE-2014-1590",
"UBUNTU-CVE-2014-1591",
"UBUNTU-CVE-2014-1592",
"UBUNTU-CVE-2014-1593",
"UBUNTU-CVE-2014-1594"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.