{"id":"USN-2458-2","summary":"ubufox update","details":"USN-2458-1 fixed vulnerabilities in Firefox. This update provides the\ncorresponding version of Ubufox.\n\nOriginal advisory details:\n\n Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\n Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\n multiple memory safety issues in Firefox. If a user were tricked in to\n opening a specially crafted website, an attacker could potentially exploit\n these to cause a denial of service via application crash, or execute\n arbitrary code with the privileges of the user invoking Firefox.\n (CVE-2014-8634, CVE-2014-8635)\n \n Bobby Holley discovered that some DOM objects with certain properties\n can bypass XrayWrappers in some circumstances. If a user were tricked in\n to opening a specially crafted website, an attacker could potentially\n exploit this to bypass security restrictions. (CVE-2014-8636)\n \n Michal Zalewski discovered a use of uninitialized memory when rendering\n malformed bitmap images on a canvas element. If a user were tricked in to\n opening a specially crafted website, an attacker could potentially\n exploit this to steal confidential information. (CVE-2014-8637)\n \n Muneaki Nishimura discovered that requests from navigator.sendBeacon()\n lack an origin header. If a user were tricked in to opening a specially\n crafted website, an attacker could potentially exploit this to conduct\n cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n \n Xiaofeng Zheng discovered that a web proxy returning a 407 response\n could inject cookies in to the originally requested domain. If a user\n connected to a malicious web proxy, an attacker could potentially exploit\n this to conduct session-fixation attacks. (CVE-2014-8639)\n \n Holger Fuhrmannek discovered a crash in Web Audio while manipulating\n timelines. If a user were tricked in to opening a specially crafted\n website, an attacker could potentially exploit this to cause a denial\n of service. (CVE-2014-8640)\n \n Mitchell Harper discovered a use-after-free in WebRTC. If a user were\n tricked in to opening a specially crafted website, an attacker could\n potentially exploit this to cause a denial of service via application\n crash, or execute arbitrary code with the privileges of the user invoking\n Firefox. (CVE-2014-8641)\n \n Brian Smith discovered that OCSP responses would fail to verify if signed\n by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck\n extension, potentially allowing a user to connect to a site with a revoked\n certificate. (CVE-2014-8642)\n","modified":"2026-02-10T04:40:51Z","published":"2015-01-14T21:46:02Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2458-2"},{"type":"REPORT","url":"https://launchpad.net/bugs/1398174"}],"affected":[{"package":{"name":"ubufox","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/ubufox@3.0-0ubuntu0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0-0ubuntu0.14.04.1"}]}],"versions":["2.8-0ubuntu1","2.9-0ubuntu0.14.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"3.0-0ubuntu0.14.04.1","binary_name":"ubufox"},{"binary_version":"3.0-0ubuntu0.14.04.1","binary_name":"xul-ext-ubufox"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2458-2.json","cves_map":{"cves":[],"ecosystem":"Ubuntu:14.04:LTS"}}}],"schema_version":"1.7.3"}