| Name | CVE-2014-1496 |
| Description | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| icedove (PTS) | jessie | 1:52.3.0-4~deb8u2 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| icedove | source | (unstable) | (not affected) | | | |
| iceweasel | source | (unstable) | (not affected) | | | |
Notes
- iceweasel <not-affected> (Online update not used in Debian)
- icedove <not-affected> (Online update not used in Debian)