Lucene search

K

MozillaCVELIST:CVE-2014-1544

HistoryJul 23, 2014 - 10:00 a.m.

CVE-2014-1544

2014-07-2310:00:00

mozilla

www.cve.org

6

AI Score

9.8

Confidence

High

EPSS

0.106

Percentile

95.1%

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

References

secunia.com/advisories/59591

secunia.com/advisories/59719

secunia.com/advisories/59760

secunia.com/advisories/60083

secunia.com/advisories/60486

secunia.com/advisories/60621

secunia.com/advisories/60628

www.debian.org/security/2014/dsa-2986

www.debian.org/security/2014/dsa-2996

www.mozilla.org/security/announce/2014/mfsa2014-63.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/68816

www.securitytracker.com/id/1030617

bugzilla.mozilla.org/show_bug.cgi?id=963150

security.gentoo.org/glsa/201504-01

AI Score

9.8

Confidence

High

EPSS

0.106

Percentile

95.1%

Related for CVELIST:CVE-2014-1544

centos2 nessus43 openvas35 veracode2 ubuntucve1 debian5 redhat5 osv4 debiancve1 prion1 oraclelinux2 amazon1 ubuntu3 mozilla1 nvd1 cve1 mageia1 suse5 ibm4 f52 freebsd1 gentoo1