Vulnerability Details : CVE-2014-1519
Potential exploit
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2014-1519
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-1519
0.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-1519
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2014-1519
-
http://www.securitytracker.com/id/1030164
Mozilla Seamonkey Multiple Flaws Let Remote Users Execute Arbitrary Code, Deny Service, and Conduct Cross-Site Scripting Attacks - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1030163
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Deny Service, and Conduct Cross-Site Scripting Attacks and Local Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.mozilla.org/show_bug.cgi?id=995607
995607 - AutoDebugModeInvalidation can discard baseline scripts that are on the stackIssue Tracking;Patch;Vendor Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html
openSUSE-SU-2014:0599-1: moderate: update for MozillaFirefoxMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html
openSUSE-SU-2014:0629-1: moderate: update for seamonkeyMailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html
[SECURITY] Fedora 20 Update: thunderbird-24.5.0-1.fc20Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html
[SECURITY] Fedora 19 Update: firefox-29.0-5.fc19Third Party Advisory
-
https://security.gentoo.org/glsa/201504-01
Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo securityThird Party Advisory
-
http://www.mozilla.org/security/announce/2014/mfsa2014-34.html
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5) — MozillaVendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=986864
986864 - Crash [@ memmove] or [@ mozilla::PodCopy] or [@ js_NewStringCopyN] or Assertion failure: PointerRangeSize(src, static_cast<const T*>(dst)) >= nelem, at dist/include/mozilla/PodOperations.hIssue Tracking;Patch;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=990794
990794 - heap overflow write from allocation size overflow in AllocateAudioBlockExploit;Issue Tracking;Patch;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=946658
946658 - Intermittent browser_dbg_variables-view-popup-07.js | [@ nsView::DoResetWidgetBounds(bool, bool)] or [@ nsViewManager::ProcessPendingUpdatesForView(nsView*, bool)]Issue Tracking;Patch;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2185-1
USN-2185-1: Firefox vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=996883
996883 - Crash [@ js::jit::Simulator::decodeType2]Issue Tracking;Patch;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=977955
977955 - PluginModuleParent may delete its subprocess before calling MessageChannel::Clear, resulting in badnessIssue Tracking;Patch;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=919592
919592 - ARM asm.js crash with c64 emulator crash [@ js::jit::Assembler::bind(js::jit::Label*, js::jit::BufferOffset) ]Exploit;Issue Tracking;Patch;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=953104
953104 - OdinMonkey: Assertion failure: !elems_.empty(), at jit/AsmJS.cpp:1213 or Crash on HeapExploit;Issue Tracking;Patch;Vendor Advisory
Jump to