Vulnerability Details : CVE-2014-1534
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-1534
Probability of exploitation activity in the next 30 days: 5.78%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-1534
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-1534
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1534
-
https://bugzilla.mozilla.org/show_bug.cgi?id=969549
969549 - Faulty: PCompositableTransaction reinterprets between layer types based on untrusted message params
-
http://www.securitytracker.com/id/1030386
Mozilla Thunderbird Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://secunia.com/advisories/59486
Sign in
-
http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html
openSUSE-SU-2014:0858-1: moderate: MozillaThunderbird: Update fixes six
-
https://bugzilla.mozilla.org/show_bug.cgi?id=973874
973874 - Crash [@ js::jit::Simulator::instructionDecode] with poisoned pointer (0xdeadbeef)
-
http://www.ubuntu.com/usn/USN-2243-1
USN-2243-1: Firefox vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html
openSUSE-SU-2014:0855-1: moderate: seamonkey: Update fixes nine security
-
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html
[security-announce] openSUSE-SU-2014:0797-1: critical: Mozilla updates 2
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016
-
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html
[security-announce] SUSE-SU-2014:0824-1: important: Security update for
-
https://bugzilla.mozilla.org/show_bug.cgi?id=995816
995816 - Differential Testing: Different output message involving gc
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1000960
1000960 - Assertion failure: isObject(), at js/Value.h:1156 or Crash [@ JSObject::getGeneric]
-
https://bugzilla.mozilla.org/show_bug.cgi?id=996536
996536 - Assertion failure: isInterpretedLazy() && u.i.s.lazy_, at jsfun.h:328 or Crash [@ JSFunction::lazyScript] or Crash [@ js::ExclusiveContext::getNewType] with gcPreserveCode
-
https://security.gentoo.org/glsa/201504-01
Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo security
-
https://bugzilla.mozilla.org/show_bug.cgi?id=978652
978652 - Navigating while new Workers are queued causes all kinds of trouble
-
http://www.securityfocus.com/bid/67964
Mozilla Firefox/Thunderbird CVE-2014-1534 Multiple Memory Corruption Vulnerabilities
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1000598
1000598 - Use after free JS_ASSERT(arenaHeader()->allocated());
-
http://www.securitytracker.com/id/1030388
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code and Conduct Clickjacking Attacks - SecurityTracker
-
http://secunia.com/advisories/59425
Sign in
-
http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html
openSUSE-SU-2014:0819-1: moderate: MozillaFirefox, mozilla-nspr: Update
-
https://bugzilla.mozilla.org/show_bug.cgi?id=990868
990868 - limit ChannelMergerNode output channel count
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1007223
1007223 - AudioContext::DecodeAudioData passes ArrayBuffer data across threads without transferring it
-
https://bugzilla.mozilla.org/show_bug.cgi?id=995817
995817 - Differential Testing: Incorrect result when division-by-zero is used in an indirectly-truncated context
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1005578
1005578 - nsStandardURL::SetHost called net_ToLowerCase with a bogus pointer, #2
-
http://www.mozilla.org/security/announce/2014/mfsa2014-48.html
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6) — MozillaVendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=969517
969517 - Faulty/ASan: heap-use-after-free of a LayerComposite that was destroyed by ContainerLayer::RemoveChild
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1002340
1002340 - Shutdown crash with many mozGetUserMedia calls
Products affected by CVE-2014-1534
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*