Mozilla Thunderbird 31.1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*
part: a version: 31.1.0 update: *
| Vendor | Mozilla (be1b0d4e-21a7-5a25-9982-bbda6ef43ec1) |
|---|---|
| Product | Thunderbird (e5553559-8c71-58cd-a1a6-c5f5cf77e32f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/thunderbird |
purl2cpe | 2026-06-01 10:17:53.923214 |
pkg:mozilla/comm-central |
purl2cpe | 2026-06-01 10:17:53.923216 |
pkg:rpm/fedora/thunderbird |
purl2cpe | 2026-06-01 10:17:53.923217 |
pkg:rpm/opensuse/mozillathunderbird |
purl2cpe | 2026-06-01 10:17:53.923219 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-1586 |
vulnerable | 2026-06-03 14:33:47.901416 |
Details available
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.667Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1585 |
vulnerable | 2026-06-03 14:33:47.900716 |
Details available
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.648Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1581 |
vulnerable | 2026-06-03 14:33:47.898628 |
Details available
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.648Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1578 |
vulnerable | 2026-06-03 14:33:47.897476 |
Details available
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.668Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1577 |
vulnerable | 2026-06-03 14:33:47.896737 |
Details available
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.631Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1576 |
vulnerable | 2026-06-03 14:33:47.896009 |
Details available
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.219Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1574 |
vulnerable | 2026-06-03 14:33:47.894750 |
Details available
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Published: 2014-10-15T10:00:00.000Z
Updated: 2024-08-06T09:42:36.627Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1568 |
vulnerable | 2026-06-03 14:33:47.844448 |
Details available
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
Published: 2014-09-25T17:00:00.000Z
Updated: 2024-08-06T09:42:36.192Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.