Lucene search
Ubuntu.comUB:CVE-2014-1563HistorySep 02, 2014 - 12:00 a.m.
CVE-2014-1563
2014-09-0200:00:00
ubuntu.com
ubuntu.com
21
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.632
Percentile
97.9%
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff
function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and
Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary
code or cause a denial of service (heap memory corruption) via an SVG
animation with DOM interaction that triggers incorrect cycle collection.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | firefox | < 32.0+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | firefox | < 32.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 1:31.1.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | thunderbird | < 1:31.1.0+build2-0ubuntu0.14.04.1 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2014-1563
2014-09-03 10:55:06
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-68) - Linux
2021-11-11 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
prion
prion
Design/Logic Flaw
2014-09-03 10:55:00
mozilla
mozilla
Use-after-free during DOM interactions with SVG — Mozilla
2014-09-02 00:00:00
cvelist
cvelist
CVE-2014-1563
2014-09-03 10:00:00
cve
cve
CVE-2014-1563
2014-09-03 10:55:06
nessus
nessus
Mozilla Thunderbird < 31.1 Multiple Vulnerabilities
2014-09-03 00:00:00
openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2014:1098-1)
2014-09-11 00:00:00
Firefox ESR 31.x < 31.1 Multiple Vulnerabilities
2014-09-03 00:00:00
suse
suse
MozillaThunderbird: Update to 31.1 release (important)
2014-09-09 12:07:15
Firefox update to latest 31ESR release (important)
2015-01-25 16:04:59
Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)
2015-07-18 19:07:56
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-09-11 00:00:00
Firefox vulnerabilities
2014-09-02 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-09-15 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2014-10-23 17:27:57
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
osv
osv
MozillaThunderbird-45.5.1-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.632
Percentile
97.9%
Related for UB:CVE-2014-1563