CVE-2014-8641

Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.

Published: Jan 14, 2015
Updated: Apr 13, 2023
CVE: CVE-2014-8641
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / seamonkey	-	2.31.x
mozilla / firefox_esr	31.3.0	31.3.0.x
mozilla / firefox_esr	31.1.1	31.1.1.x
mozilla / firefox_esr	31.1.0	31.1.0.x
mozilla / firefox_esr	31.2	31.2.x
mozilla / firefox_esr	31.0	31.0.x
mozilla / firefox	-	34.0.5.x

http://linux.oracle.com/errata/ELSA-2015-0046.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html
http://rhn.redhat.com/errata/RHSA-2015-0046.html
http://secunia.com/advisories/62237
http://secunia.com/advisories/62242
http://secunia.com/advisories/62250
http://secunia.com/advisories/62253
http://secunia.com/advisories/62273
http://secunia.com/advisories/62293
http://secunia.com/advisories/62313
http://secunia.com/advisories/62316
http://secunia.com/advisories/62418
http://secunia.com/advisories/62446
http://secunia.com/advisories/62790
http://www.debian.org/security/2015/dsa-3127
http://www.mozilla.org/security/announce/2014/mfsa2015-06.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.securityfocus.com/bid/72044
http://www.securitytracker.com/id/1031533
https://bugzilla.mozilla.org/show_bug.cgi?id=1108455
https://exchange.xforce.ibmcloud.com/vulnerabilities/99961
https://security.gentoo.org/glsa/201504-01

Vulnerability Database

289,599

CVE-2014-8641