Vulnerability Details : CVE-2014-1576
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2014-1576
Probability of exploitation activity in the next 30 days: 20.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-1576
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2014-1576
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1576
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1041512
1041512 - (CVE-2014-1576) Heap-buffer-overflow in nsTransformedTextRun::SetCapitalization
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html
[SECURITY] Fedora 20 Update: firefox-33.0-1.fc20
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html
[SECURITY] Fedora 21 Update: firefox-33.0-1.fc21
-
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
[security-announce] openSUSE-SU-2015:0138-1: important: Firefox update t
-
https://advisories.mageia.org/MGASA-2014-0421.html
Mageia Advisory: MGASA-2014-0421 - Updated firefox and thunderbird packages fix security vulnerabilities
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Oracle Solaris Third Party Bulletin - April 2015
-
http://www.securitytracker.com/id/1031028
Mozilla Firefox Bugs Let Remote Users Execute Arbitrary Code, Bypass Same Origin-Policy, and Obtain Potentially Sensitive Information - SecurityTracker
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html
openSUSE-SU-2014:1343-1: moderate: update for MozillaThunderbird
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html
openSUSE-SU-2014:1346-1: moderate: update for MozillaThunderbird
-
http://www.debian.org/security/2014/dsa-3061
Debian -- Security Information -- DSA-3061-1 icedove
-
http://www.mozilla.org/security/announce/2014/mfsa2014-75.html
Buffer overflow during CSS manipulation — MozillaVendor Advisory
-
https://security.gentoo.org/glsa/201504-01
Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo security
-
http://www.debian.org/security/2014/dsa-3050
Debian -- Security Information -- DSA-3050-1 iceweasel
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html
openSUSE-SU-2014:1344-1: moderate: update for firefox, mozilla-nspr, moz
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
[security-announce] openSUSE-SU-2015:1266-1: important: Mozilla (Firefox
-
http://www.securityfocus.com/bid/70430
Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html
openSUSE-SU-2014:1345-1: moderate: update for firefox, mozilla-nspr, moz
-
http://www.ubuntu.com/usn/USN-2372-1
USN-2372-1: Firefox vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2373-1
USN-2373-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://www.securitytracker.com/id/1031030
Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://rhn.redhat.com/errata/RHSA-2014-1635.html
RHSA-2014:1635 - Security Advisory - Red Hat Customer Portal
Products affected by CVE-2014-1576
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*