English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.10.2014.0419
Category:Mageia Linux Local Security Checks
Title:Mageia: Security Advisory (MGASA-2014-0419)
Summary:The remote host is missing an update for the 'iceape' package(s) announced via the MGASA-2014-0419 advisory.
Description:Summary:
The remote host is missing an update for the 'iceape' package(s) announced via the MGASA-2014-0419 advisory.

Vulnerability Insight:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird
before 24.6 allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors. (CVE-2014-1533)

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 30.0 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors. (CVE-2014-1534)

The PropertyProvider::FindJustificationRange function in Mozilla
Firefox before 30.0 allows remote attackers to execute arbitrary code
or cause a denial of service (out-of-bounds read) via unspecified
vectors. (CVE-2014-1536)

Use-after-free vulnerability in the
mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox
before 30.0 allows remote attackers to execute arbitrary code or cause
a denial of service (heap memory corruption) via unspecified vectors.
(CVE-2014-1537)

Use-after-free vulnerability in the nsTextEditRules::CreateMozBR
function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6,
and Thunderbird before 24.6 allows remote attackers to execute
arbitrary code or cause a denial of service (heap memory corruption)
via unspecified vectors. (CVE-2014-1538)

Use-after-free vulnerability in the
nsEventListenerManager::CompileEventHandlerInternal function in the
Event Listener Manager in Mozilla Firefox before 30.0 allows remote
attackers to execute arbitrary code or cause a denial of service (heap
memory corruption) via crafted web content. (CVE-2014-1540)

Use-after-free vulnerability in the RefreshDriverTimer::Tick*Driver
function in the SMIL Animation Controller in Mozilla Firefox before
30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows
remote attackers to execute arbitrary code or cause a denial of
service (heap memory corruption) via crafted web content.
(CVE-2014-1541)

Buffer overflow in the Speex resampler in the Web Audio subsystem in
Mozilla Firefox before 30.0 allows remote attackers to execute
arbitrary code via vectors related to a crafted AudioBuffer channel
count and sample rate. (CVE-2014-1542)

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird
before 24.7 allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors. (CVE-2014-1547)

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers
to cause a denial of service (memory corruption and application crash)
or possibly execute arbitrary code via unknown vectors.
(CVE-2014-1548)

The ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'iceape' package(s) on Mageia 3, Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-1533
BugTraq ID: 67965
http://www.securityfocus.com/bid/67965
Debian Security Information: DSA-2955 (Google Search)
http://www.debian.org/security/2014/dsa-2955
Debian Security Information: DSA-2960 (Google Search)
http://www.debian.org/security/2014/dsa-2960
https://security.gentoo.org/glsa/201504-01
RedHat Security Advisories: RHSA-2014:0741
http://rhn.redhat.com/errata/RHSA-2014-0741.html
RedHat Security Advisories: RHSA-2014:0742
http://rhn.redhat.com/errata/RHSA-2014-0742.html
http://www.securitytracker.com/id/1030386
http://www.securitytracker.com/id/1030388
http://secunia.com/advisories/58984
http://secunia.com/advisories/59052
http://secunia.com/advisories/59149
http://secunia.com/advisories/59150
http://secunia.com/advisories/59165
http://secunia.com/advisories/59169
http://secunia.com/advisories/59170
http://secunia.com/advisories/59171
http://secunia.com/advisories/59229
http://secunia.com/advisories/59275
http://secunia.com/advisories/59328
http://secunia.com/advisories/59377
http://secunia.com/advisories/59387
http://secunia.com/advisories/59425
http://secunia.com/advisories/59486
http://secunia.com/advisories/59866
SuSE Security Announcement: SUSE-SU-2014:0824 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html
SuSE Security Announcement: openSUSE-SU-2014:0797 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html
SuSE Security Announcement: openSUSE-SU-2014:0819 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html
SuSE Security Announcement: openSUSE-SU-2014:0855 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html
SuSE Security Announcement: openSUSE-SU-2014:0858 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html
http://www.ubuntu.com/usn/USN-2243-1
http://www.ubuntu.com/usn/USN-2250-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-1534
BugTraq ID: 67964
http://www.securityfocus.com/bid/67964
Common Vulnerability Exposure (CVE) ID: CVE-2014-1536
BugTraq ID: 67966
http://www.securityfocus.com/bid/67966
Common Vulnerability Exposure (CVE) ID: CVE-2014-1537
BugTraq ID: 67971
http://www.securityfocus.com/bid/67971
Common Vulnerability Exposure (CVE) ID: CVE-2014-1538
BugTraq ID: 67976
http://www.securityfocus.com/bid/67976
Common Vulnerability Exposure (CVE) ID: CVE-2014-1540
BugTraq ID: 67978
http://www.securityfocus.com/bid/67978
Common Vulnerability Exposure (CVE) ID: CVE-2014-1541
BugTraq ID: 67979
http://www.securityfocus.com/bid/67979
Common Vulnerability Exposure (CVE) ID: CVE-2014-1542
BugTraq ID: 67968
http://www.securityfocus.com/bid/67968
Common Vulnerability Exposure (CVE) ID: CVE-2014-1547
BugTraq ID: 68811
http://www.securityfocus.com/bid/68811
Debian Security Information: DSA-2986 (Google Search)
http://www.debian.org/security/2014/dsa-2986
Debian Security Information: DSA-2996 (Google Search)
http://www.debian.org/security/2014/dsa-2996
http://www.securitytracker.com/id/1030619
http://www.securitytracker.com/id/1030620
http://secunia.com/advisories/59591
http://secunia.com/advisories/59719
http://secunia.com/advisories/59760
http://secunia.com/advisories/60083
http://secunia.com/advisories/60306
http://secunia.com/advisories/60486
http://secunia.com/advisories/60621
http://secunia.com/advisories/60628
Common Vulnerability Exposure (CVE) ID: CVE-2014-1548
BugTraq ID: 68818
http://www.securityfocus.com/bid/68818
Common Vulnerability Exposure (CVE) ID: CVE-2014-1549
BugTraq ID: 68820
http://www.securityfocus.com/bid/68820
Common Vulnerability Exposure (CVE) ID: CVE-2014-1550
Common Vulnerability Exposure (CVE) ID: CVE-2014-1552
Common Vulnerability Exposure (CVE) ID: CVE-2014-1553
BugTraq ID: 69524
http://www.securityfocus.com/bid/69524
http://www.securitytracker.com/id/1030793
http://www.securitytracker.com/id/1030794
http://secunia.com/advisories/60148
http://secunia.com/advisories/61114
SuSE Security Announcement: openSUSE-SU-2014:1098 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
SuSE Security Announcement: openSUSE-SU-2014:1099 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
SuSE Security Announcement: openSUSE-SU-2015:0138 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1554
BugTraq ID: 69526
http://www.securityfocus.com/bid/69526
http://secunia.com/advisories/62022
http://secunia.com/advisories/62023
SuSE Security Announcement: openSUSE-SU-2014:1344 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html
SuSE Security Announcement: openSUSE-SU-2014:1345 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1555
BugTraq ID: 68814
http://www.securityfocus.com/bid/68814
Common Vulnerability Exposure (CVE) ID: CVE-2014-1556
BugTraq ID: 68822
http://www.securityfocus.com/bid/68822
Common Vulnerability Exposure (CVE) ID: CVE-2014-1557
BugTraq ID: 68824
http://www.securityfocus.com/bid/68824
Common Vulnerability Exposure (CVE) ID: CVE-2014-1558
Common Vulnerability Exposure (CVE) ID: CVE-2014-1559
Common Vulnerability Exposure (CVE) ID: CVE-2014-1560
Common Vulnerability Exposure (CVE) ID: CVE-2014-1561
Common Vulnerability Exposure (CVE) ID: CVE-2014-1562
BugTraq ID: 69519
http://www.securityfocus.com/bid/69519
Debian Security Information: DSA-3018 (Google Search)
http://www.debian.org/security/2014/dsa-3018
Debian Security Information: DSA-3028 (Google Search)
http://www.debian.org/security/2014/dsa-3028
http://secunia.com/advisories/60186
http://secunia.com/advisories/61390
SuSE Security Announcement: SUSE-SU-2014:1107 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
SuSE Security Announcement: SUSE-SU-2014:1112 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
SuSE Security Announcement: SUSE-SU-2014:1120 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1563
BugTraq ID: 69523
http://www.securityfocus.com/bid/69523
Common Vulnerability Exposure (CVE) ID: CVE-2014-1564
BugTraq ID: 69525
http://www.securityfocus.com/bid/69525
Bugtraq: 20140904 Uninit memory disclosure via truncated images in Firefox (Google Search)
http://www.securityfocus.com/archive/1/533357/100/0/threaded
http://seclists.org/fulldisclosure/2014/Sep/18
http://packetstormsecurity.com/files/128132/Mozilla-Firefox-Secret-Leak.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1565
BugTraq ID: 69521
http://www.securityfocus.com/bid/69521
Common Vulnerability Exposure (CVE) ID: CVE-2014-1567
BugTraq ID: 69520
http://www.securityfocus.com/bid/69520
Common Vulnerability Exposure (CVE) ID: CVE-2014-1574
BugTraq ID: 70436
http://www.securityfocus.com/bid/70436
Debian Security Information: DSA-3050 (Google Search)
http://www.debian.org/security/2014/dsa-3050
Debian Security Information: DSA-3061 (Google Search)
http://www.debian.org/security/2014/dsa-3061
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html
RedHat Security Advisories: RHSA-2014:1635
http://rhn.redhat.com/errata/RHSA-2014-1635.html
RedHat Security Advisories: RHSA-2014:1647
http://rhn.redhat.com/errata/RHSA-2014-1647.html
http://www.securitytracker.com/id/1031028
http://www.securitytracker.com/id/1031030
http://secunia.com/advisories/61387
http://secunia.com/advisories/61854
http://secunia.com/advisories/62021
SuSE Security Announcement: openSUSE-SU-2014:1343 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html
SuSE Security Announcement: openSUSE-SU-2014:1346 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html
http://www.ubuntu.com/usn/USN-2372-1
http://www.ubuntu.com/usn/USN-2373-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-1575
BugTraq ID: 70439
http://www.securityfocus.com/bid/70439
Common Vulnerability Exposure (CVE) ID: CVE-2014-1576
BugTraq ID: 70430
http://www.securityfocus.com/bid/70430
Common Vulnerability Exposure (CVE) ID: CVE-2014-1577
BugTraq ID: 70440
http://www.securityfocus.com/bid/70440
Common Vulnerability Exposure (CVE) ID: CVE-2014-1578
BugTraq ID: 70428
http://www.securityfocus.com/bid/70428
Common Vulnerability Exposure (CVE) ID: CVE-2014-1580
BugTraq ID: 70431
http://www.securityfocus.com/bid/70431
Common Vulnerability Exposure (CVE) ID: CVE-2014-1581
BugTraq ID: 70426
http://www.securityfocus.com/bid/70426
Common Vulnerability Exposure (CVE) ID: CVE-2014-1582
BugTraq ID: 70432
http://www.securityfocus.com/bid/70432
Common Vulnerability Exposure (CVE) ID: CVE-2014-1583
BugTraq ID: 70424
http://www.securityfocus.com/bid/70424
Common Vulnerability Exposure (CVE) ID: CVE-2014-1584
BugTraq ID: 70434
http://www.securityfocus.com/bid/70434
Common Vulnerability Exposure (CVE) ID: CVE-2014-1585
BugTraq ID: 70425
http://www.securityfocus.com/bid/70425
Common Vulnerability Exposure (CVE) ID: CVE-2014-1586
BugTraq ID: 70427
http://www.securityfocus.com/bid/70427
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.