CVE-2014-8641
SeaMonkey < 2.32 - Remote Code Execution via WebRTC Track Data
Title source: llmDescription
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.
References (26)
Core 26
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0046.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62242
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031533
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72044
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62250
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62237
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62418
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62316
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201504-01
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62313
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62293
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62446
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62273
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3127
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
Various Sources x_refsource_confirm
http://linux.oracle.com/errata/ELSA-2015-0046.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62253
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2014/mfsa2015-06.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1108455
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62790
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/99961
Scores
EPSS
0.0152
EPSS Percentile
81.5%
Details
Status
published
Products (7)
mozilla/firefox
31.0
mozilla/firefox
31.1.0
mozilla/firefox
31.1.1
mozilla/firefox
31.3.0
mozilla/firefox
< 34.0.5
mozilla/firefox_esr
31.2
mozilla/seamonkey
< 2.31
Published
Jan 14, 2015
Tracked Since
Feb 18, 2026