CVE-2014-1528
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.
Date published : 2014-04-30
http://www.mozilla.org/security/announce/2014/mfsa2014-41.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html