Lucene search

K

MozillaCVELIST:CVE-2014-1557

HistoryJul 23, 2014 - 10:00 a.m.

CVE-2014-1557

2014-07-2310:00:00

mozilla

www.cve.org

6

AI Score

9.7

Confidence

High

EPSS

0.017

Percentile

88.0%

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.

References

linux.oracle.com/errata/ELSA-2014-0918.html

secunia.com/advisories/59591

secunia.com/advisories/59719

secunia.com/advisories/59760

secunia.com/advisories/60083

secunia.com/advisories/60306

secunia.com/advisories/60486

secunia.com/advisories/60621

secunia.com/advisories/60628

www.debian.org/security/2014/dsa-2986

www.debian.org/security/2014/dsa-2996

www.mozilla.org/security/announce/2014/mfsa2014-64.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/68824

www.securitytracker.com/id/1030619

www.securitytracker.com/id/1030620

bugzilla.mozilla.org/show_bug.cgi?id=913805

security.gentoo.org/glsa/201504-01

AI Score

9.7

Confidence

High

EPSS

0.017

Percentile

88.0%

Related for CVELIST:CVE-2014-1557

ubuntucve1 mozilla1 nvd1 prion1 openvas30 cve1 ibm3 nessus34 oraclelinux2 redhat2 veracode3 centos2 mageia2 osv1 debian2 suse5 ubuntu2 freebsd1 securityvulns1 gentoo1