Vulnerability Details : CVE-2014-1534
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2014-1534
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-1534
Probability of exploitation activity in the next 30 days: 7.00%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94%
CVSS scores for CVE-2014-1534
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
CWE ids for CVE-2014-1534
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1534
- https://bugzilla.mozilla.org/show_bug.cgi?id=969549
  969549 - Faulty: PCompositableTransaction reinterprets between layer types based on untrusted message params
- http://www.securitytracker.com/id/1030386
  Mozilla Thunderbird Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
- http://secunia.com/advisories/59486
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html
  openSUSE-SU-2014:0858-1: moderate: MozillaThunderbird: Update fixes six
- https://bugzilla.mozilla.org/show_bug.cgi?id=973874
  973874 - Crash [@ js::jit::Simulator::instructionDecode] with poisoned pointer (0xdeadbeef)
- http://www.ubuntu.com/usn/USN-2243-1
  USN-2243-1: Firefox vulnerabilities | Ubuntu security notices
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html
  openSUSE-SU-2014:0855-1: moderate: seamonkey: Update fixes nine security
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html
  [security-announce] openSUSE-SU-2014:0797-1: critical: Mozilla updates 2
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
  Oracle Solaris Bulletin - April 2016
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html
  [security-announce] SUSE-SU-2014:0824-1: important: Security update for
- https://bugzilla.mozilla.org/show_bug.cgi?id=995816
  995816 - Differential Testing: Different output message involving gc
- https://bugzilla.mozilla.org/show_bug.cgi?id=1000960
  1000960 - Assertion failure: isObject(), at js/Value.h:1156 or Crash [@ JSObject::getGeneric]
- https://bugzilla.mozilla.org/show_bug.cgi?id=996536
  996536 - Assertion failure: isInterpretedLazy() && u.i.s.lazy_, at jsfun.h:328 or Crash [@ JSFunction::lazyScript] or Crash [@ js::ExclusiveContext::getNewType] with gcPreserveCode
- https://security.gentoo.org/glsa/201504-01
  Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo security
- https://bugzilla.mozilla.org/show_bug.cgi?id=978652
  978652 - Navigating while new Workers are queued causes all kinds of trouble
- http://www.securityfocus.com/bid/67964
  Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
- https://bugzilla.mozilla.org/show_bug.cgi?id=1000598
  1000598 - Use after free JS_ASSERT(arenaHeader()->allocated());
- http://www.securitytracker.com/id/1030388
  Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code and Conduct Clickjacking Attacks - SecurityTracker
- http://secunia.com/advisories/59425
- http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html
  openSUSE-SU-2014:0819-1: moderate: MozillaFirefox, mozilla-nspr: Update
- https://bugzilla.mozilla.org/show_bug.cgi?id=990868
  990868 - limit ChannelMergerNode output channel count
- https://bugzilla.mozilla.org/show_bug.cgi?id=1007223
  1007223 - AudioContext::DecodeAudioData passes ArrayBuffer data across threads without transferring it
- https://bugzilla.mozilla.org/show_bug.cgi?id=995817
  995817 - Differential Testing: Incorrect result when division-by-zero is used in an indirectly-truncated context
- https://bugzilla.mozilla.org/show_bug.cgi?id=1005578
  1005578 - nsStandardURL::SetHost called net_ToLowerCase with a bogus pointer, #2
- http://www.mozilla.org/security/announce/2014/mfsa2014-48.html
  Miscellaneous memory safety hazards (rv:30.0 / rv:24.6) — Mozilla (Vendor Advisory)
- https://bugzilla.mozilla.org/show_bug.cgi?id=969517
  969517 - Faulty/ASan: heap-use-after-free of a LayerComposite that was destroyed by ContainerLayer::RemoveChild
- https://bugzilla.mozilla.org/show_bug.cgi?id=1002340
  1002340 - Shutdown crash with many mozGetUserMedia calls