CVE-2014-8641 Information

Description

Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0 Firefox ESR 31.x before 31.4 and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.

Reference

http://linux.oracle.com/errata/ELSA-2015-0046.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html http://rhn.redhat.com/errata/RHSA-2015-0046.html http://secunia.com/advisories/62237 http://secunia.com/advisories/62242 http://secunia.com/advisories/62250 http://secunia.com/advisories/62253 http://secunia.com/advisories/62273 http://secunia.com/advisories/62293 http://secunia.com/advisories/62313 http://secunia.com/advisories/62316 http://secunia.com/advisories/62418 http://secunia.com/advisories/62446 http://secunia.com/advisories/62790 http://www.debian.org/security/2015/dsa-3127 http://www.mozilla.org/security/announce/2014/mfsa2015-06.html http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/72044 http://www.securitytracker.com/id/1031533 https://bugzilla.mozilla.org/show_bug.cgi?id=1108455 https://exchange.xforce.ibmcloud.com/vulnerabilities/99961 https://security.gentoo.org/glsa/201504-01