Security researcher George Hotz, via TippingPoint’s Pwn2Own contest, discovered an issue where values are copied from an array into a second, neutered array. This allows for an out-of-bounds write into memory, causing an exploitable crash leading to arbitrary code execution.

CPENameOperatorVersion
firefoxlt28
firefox esrlt24.4
seamonkeylt2.25
thunderbirdlt24.4

Name	Operator	Version
firefox	lt	28
firefox esr	lt	24.4
seamonkey	lt	2.25
thunderbird	lt	24.4

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514

bugzilla.mozilla.org/show_bug.cgi?id=983344

openvas 43

prion 1

zdi 1

cvelist 1

cve 1

ubuntucve 1

debian 2

nessus 28

redhat 2

veracode 2

oraclelinux 2

ibm 2

ubuntu 2

centos 2

osv 2

mageia 2

suse 5

freebsd 1

securityvulns 1

gentoo 1

openvas

Mozilla Firefox Security Advisory (MFSA2014-32) - Linux

2021-11-11 00:00:00

Debian Security Advisory DSA 2911-1 (icedove - security update)

2014-04-22 00:00:00

Debian Security Advisory DSA 2881-1 (iceweasel - security update)

2014-03-19 00:00:00

prion

Out-of-bounds

2014-03-19 10:55:00

zdi

(Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability

2014-04-11 00:00:00

cvelist

CVE-2014-1514

2014-03-19 10:00:00

cve

CVE-2014-1514

2014-03-19 10:55:00

ubuntucve

CVE-2014-1514

2014-03-18 00:00:00

debian

[SECURITY] [DSA 2911-1] icedove security update

2014-04-22 15:24:51

[SECURITY] [DSA 2881-1] iceweasel security update

2014-03-19 14:44:12

nessus

Debian DSA-2881-1 : iceweasel - security update

2014-03-20 00:00:00

Debian DSA-2911-1 : icedove - security update

2014-04-23 00:00:00

CentOS 5 / 6 : firefox (CESA-2014:0310)

2014-03-19 00:00:00

redhat

(RHSA-2014:0310) Critical: firefox security update

2014-03-18 00:00:00

(RHSA-2014:0316) Important: thunderbird security update

2014-03-19 00:00:00

veracode

Denial Of Service (DoS)

2019-05-02 05:01:50

Out Of Bound Reads (OOB)

2019-05-02 05:01:48

oraclelinux

firefox security update

2014-03-18 00:00:00

thunderbird security update

2014-03-19 00:00:00

ibm

Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified system (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)

2018-06-18 00:08:12

Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)

2018-06-18 00:08:08

ubuntu

Thunderbird vulnerabilities

2014-03-21 00:00:00

Firefox vulnerabilities

2014-03-18 00:00:00

centos

thunderbird security update

2014-03-19 21:09:48

firefox security update

2014-03-19 00:08:42

osv

iceweasel - security update

2014-03-19 00:00:00

icedove - security update

2014-04-22 00:00:00

mageia

Updated nss, firefox and thunderbird packages fix security vulnerabilities

2014-03-20 22:33:01

Updated iceape packages fix multiple vulnerabilities

2014-03-31 23:47:52

suse

MozillaThunderbird,seamonkey (important)

2014-04-30 09:04:15

MozillaFirefox: Update to version 28.0 (important)

2014-03-26 17:04:14

Security update for MozillaFirefox (important)

2014-03-21 23:04:18

freebsd

mozilla -- multiple vulnerabilities

2014-03-19 00:00:00

securityvulns

Mozilla Firefox / Thunderbird / Seamonkey / nss multiple security vulnerabilities

2014-03-27 00:00:00

gentoo

Mozilla Products: Multiple vulnerabilities

2015-04-07 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.077 Low

EPSS

Percentile

94.2%

JSON

Related for MFSA2014-32