Test ID:	1.3.6.1.4.1.25623.1.2.1.2014.39
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2014-39) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Use-after-free in the Text Track Manager for HTML video Using the Address Sanitizer tool, security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team found a use-after-free in the Text Track Manager while processing HTML video. This was caused by inconsistent garbage collection of Text Track Manager variables and results in a potentially exploitable crash. Affected Software/OS: Firefox version(s) below 29. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1525 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html https://security.gentoo.org/glsa/201504-01 http://www.securitytracker.com/id/1030163 http://www.securitytracker.com/id/1030164 http://secunia.com/advisories/59866 SuSE Security Announcement: openSUSE-SU-2014:0599 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html SuSE Security Announcement: openSUSE-SU-2014:0629 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html http://www.ubuntu.com/usn/USN-2185-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.