Lucene search
Arthur GerkisZDI-14-058HistoryApr 03, 2014 - 12:00 a.m.
Mozilla Firefox imgRequestProxy Use-After-Free Remote Code Execution Vulnerability
2014-04-0300:00:00
Arthur Gerkis
www.zerodayinitiative.com
26
EPSS
0.061
Percentile
93.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of imgRequestProxy objects. By manipulating a documentβs elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
cvelist
cvelist
CVE-2014-1486
2014-02-06 02:00:00
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkeyιζΎειη¨θΏη¨δ»£η ζ§θ‘ζΌζ΄
2014-02-11 00:00:00
prion
prion
Design/Logic Flaw
2014-02-06 05:44:00
nvd
nvd
CVE-2014-1486
2014-02-06 05:44:24
ubuntucve
ubuntucve
CVE-2014-1486
2014-02-04 00:00:00
mozilla
mozilla
Use-after-free with imgRequestProxy and image proccessing β Mozilla
2014-02-04 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-08) - Linux
2021-11-11 00:00:00
CentOS Update for thunderbird CESA-2014:0133 centos6
2014-02-11 00:00:00
Oracle: Security Advisory (ELSA-2014-0133)
2015-10-06 00:00:00
cve
cve
CVE-2014-1486
2014-02-06 05:44:24
nessus
nessus
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20140204)
2014-02-05 00:00:00
RHEL 5 / 6 : firefox (RHSA-2014:0132)
2014-02-05 00:00:00
redhat
redhat
(RHSA-2014:0133) Important: thunderbird security update
2014-02-04 00:00:00
(RHSA-2014:0132) Critical: firefox security update
2014-02-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:00:59
Same-Origin Policy Bypass
2019-05-02 05:00:59
Denial Of Service (DoS)
2019-05-02 05:00:59
centos
centos
thunderbird security update
2014-02-05 09:18:22
firefox security update
2014-02-05 09:15:53
oraclelinux
oraclelinux
firefox security update
2014-02-04 00:00:00
thunderbird security update
2014-02-04 00:00:00
mageia
mageia
Updated Firefox & Thunderbird packages fix multiple security vulnerabilities
2014-02-07 00:02:09
Updated seamonkey packages fix multiple vulnerabilities
2014-02-11 00:18:15
debian
debian
[SECURITY] [DSA 2858-1] iceweasel security update
2014-02-10 15:41:41
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-02-19 00:00:00
Firefox vulnerabilities
2014-02-10 00:00:00
Firefox regression
2014-02-19 00:00:00
suse
suse
Mozilla updates February 2014 (important)
2014-02-08 13:04:12
Security update for Mozilla Firefox (important)
2014-02-19 21:04:13
Security update for MozillaFirefox (important)
2014-02-18 13:25:23
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-02-04 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-02-10 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
osv
osv
MozillaThunderbird-45.5.1-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00