Suse Linux Enterprise Desktop vulnerabilities

CVE-2014-3917 [LOW] CWE-200 CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certai kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

CVE-2014-1737 [HIGH] CWE-754 CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not pr The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

CVE-2014-1738 [LOW] CWE-200 CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not p The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

CVE-2014-0198 [MEDIUM] CWE-476 CVE-2014-0198: The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

CVE-2010-5298 [MEDIUM] CWE-362 CVE-2010-5298: Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_ Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.

CVE-2014-1494 [CRITICAL] CVE-2014-1494: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMon Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1500 [MEDIUM] CWE-400 CVE-2014-1500: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of se Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

CVE-2014-1498 [MEDIUM] CWE-347 CVE-2014-1498: The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

CVE-2014-1501 [MEDIUM] CWE-264 CVE-2014-1501: Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

CVE-2014-1502 [MEDIUM] CWE-346 CVE-2014-1502: The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefo The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

CVE-2014-1499 [MEDIUM] CVE-2014-1499: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain nam Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

CVE-2014-1504 [LOW] CWE-264 CVE-2014-1504: The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consid The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.

CVE-2014-0069 [HIGH] CWE-119 CVE-2014-0069: The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges

CVE-2014-0502 [HIGH] CWE-415 CVE-2014-0502: Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified

CVE-2014-1490 [CRITICAL] CWE-362 CVE-2014-1490: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozill Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involv

CVE-2014-1488 [CRITICAL] CVE-2014-1488: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remot The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

CVE-2014-1485 [HIGH] CVE-2014-1485: The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.

CVE-2014-1491 [MEDIUM] CWE-326 CVE-2014-1491: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firef Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanis

CVE-2014-1483 [MEDIUM] CWE-1021 CVE-2014-1483: Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Orig Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

CVE-2014-1480 [MEDIUM] CWE-1021 CVE-2014-1480: The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not p The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.