Kent Howard

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 34.0 Firefox ESR versions prior to 31.3 Thunderbird versions prior to 31.3 **Description** The issue allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information, due to the omission of a CoreGraphics disable-logging action needed by jemalloc-based applications. **Recommendations** For Mozilla Firefox versions prior to 34.0, update to version 34.0 or later. For Firefox ESR versions prior to 31.3, update to version 31.3 or later. For Thunderbird versions prior to 31.3, update to version 31.3 or later.