Lucene search
Mozilla FoundationMFSA2014-30HistoryMar 18, 2014 - 12:00 a.m.
Use-after-free in TypeObject — Mozilla
2014-03-1800:00:00
Mozilla Foundation
www.mozilla.org
15
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.93 High
EPSS
Percentile
99.0%
Security research firm VUPEN, via TippingPoint’s Pwn2Own contest, reported that memory pressure during Garbage Collection could lead to memory corruption of TypeObjects in the JS engine, resulting in an exploitable use-after-free condition.
Affected configurations
Node
mozillafirefoxRange<28
ORmozillafirefox_esrRange<24.4
ORmozillaseamonkeyRange<2.25
ORmozillathunderbirdRange<24.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 28 | |
| firefox esr | lt | 24.4 | |
| seamonkey | lt | 2.25 | |
| thunderbird | lt | 24.4 |
Related
cve
cve
CVE-2014-1512
2014-03-19 10:55:06
nvd
nvd
CVE-2014-1512
2014-03-19 10:55:06
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-30) - Linux
2021-11-11 00:00:00
Debian Security Advisory DSA 2911-1 (icedove - security update)
2014-04-22 00:00:00
Debian Security Advisory DSA 2881-1 (iceweasel - security update)
2014-03-19 00:00:00
prion
prion
Design/Logic Flaw
2014-03-19 10:55:00
veracode
veracode
Use-After-Free
2019-05-02 05:01:54
Denial Of Service (DoS)
2019-05-02 05:01:50
Out Of Bound Reads (OOB)
2019-05-02 05:01:48
ubuntucve
ubuntucve
CVE-2014-1512
2014-03-18 00:00:00
cvelist
cvelist
CVE-2014-1512
2014-03-19 10:00:00
zdi
zdi
nessus
nessus
Debian DSA-2911-1 : icedove - security update
2014-04-23 00:00:00
Debian DSA-2881-1 : iceweasel - security update
2014-03-20 00:00:00
CentOS 5 / 6 : firefox (CESA-2014:0310)
2014-03-19 00:00:00
debian
debian
[SECURITY] [DSA 2881-1] iceweasel security update
2014-03-19 14:43:46
[SECURITY] [DSA 2911-1] icedove security update
2014-04-22 15:25:02
redhat
redhat
(RHSA-2014:0310) Critical: firefox security update
2014-03-18 00:00:00
(RHSA-2014:0316) Important: thunderbird security update
2014-03-19 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2014-03-19 00:00:00
firefox security update
2014-03-18 00:00:00
centos
centos
thunderbird security update
2014-03-19 21:09:48
firefox security update
2014-03-19 00:08:42
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-03-21 00:00:00
Firefox vulnerabilities
2014-03-18 00:00:00
osv
osv
iceweasel - security update
2014-03-19 00:00:00
icedove - security update
2014-04-22 00:00:00
mageia
mageia
Updated nss, firefox and thunderbird packages fix security vulnerabilities
2014-03-20 22:33:01
Updated iceape packages fix multiple vulnerabilities
2014-03-31 23:47:52
suse
suse
MozillaFirefox: Update to version 28.0 (important)
2014-03-26 17:04:14
MozillaThunderbird,seamonkey (important)
2014-04-30 09:04:15
Security update for MozillaFirefox (important)
2014-03-21 23:04:18
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-03-19 00:00:00
securityvulns
securityvulns
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.93 High
EPSS
Percentile
99.0%
Related for MFSA2014-30