Debian Linux Security Advisory 2924-1 - Multiple security issues have been found in Icedove, Debian's version errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.
0a36e8832664a7fa25c7ef5f78f104e18d401f48f76439906c0a1067563c3ea6
Ubuntu Security Notice 2189-1 - Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered an out of bounds read when decoding JPG images. An attacker could potentially exploit this to cause a denial of service via application crash. Various other issues were also addressed.
84a238e254a2c4471becc1d883d2892ba3416652c3a0bbce8d3293c5e941a05e
Debian Linux Security Advisory 2918-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, privilege escalation, cross-site scripting or denial of service.
1f3b8414c42d1cd48ad738b19809a10a98093c643d3bcd3b281fa29856a7204e
Red Hat Security Advisory 2014-0449-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
a52dde267c22507702855c506a072f4c51fecee367079af216d30e48dfe59a39
Red Hat Security Advisory 2014-0448-01 - Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox.
036e0f8ed361fb24dcfd70187da07fb2d6493d57a7833ba2f31577d8834177fb
Ubuntu Security Notice 2185-1 - Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, John Schoenick, Karl Tomlinson, Vladimir Vukicevic and Christian Holler discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. An out of bounds read was discovered in Web Audio. An attacker could potentially exploit this cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
cac7cbb67ced17c78361165cc7c3b566fff48bd23c5d90687e88e4ae5a84c369