| Errata ID | 263 |
|---|---|
| Date | 2014-12-19 |
| Source package | firefox-en |
| Fixed in version | 31.3.0esr-1.47.201412171615 |
| Description | Several vulnerabilities have been fixed with the update to Firefox ESR 31.3: * Multiple exploitable memory safety errors (CVE-2014-1587) * Bypass of security restrictions (CVE-2014-1589) * Denial of service in XMLHTTPRequest parsing (CVE-2014-1590) * Use-after-free in HTML5 parsing (CVE-2014-1592) * Buffer overflow in parsing media content (CVE-2014-1593) * Incorrect casting might potentially result in the execution of arbitrary code (CVE-2014-1594) |
| Additional notes | This update consists of two updates for firefox-en and firefox-de. |
| CVE ID | CVE-2014-1587 CVE-2014-1589 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594 |
| UCS Bug number | #37140 |
