[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1567Date: (C)2014-08-20   (M)2024-03-27


Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1030793
SECTRACK-1030794
SECUNIA-60148
SECUNIA-60186
SECUNIA-61114
SECUNIA-61390
BID-69520
DSA-3018
DSA-3028
GLSA-201504-01
SUSE-SU-2014:1107
SUSE-SU-2014:1112
SUSE-SU-2014:1120
http://www.mozilla.org/security/announce/2014/mfsa2014-72.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1037641
openSUSE-SU-2014:1098
openSUSE-SU-2014:1099
openSUSE-SU-2015:0138
openSUSE-SU-2015:1266

CPE    26
cpe:/a:mozilla:firefox:30.0
cpe:/a:mozilla:firefox:31.0
cpe:/a:mozilla:firefox_esr:24.0.1
cpe:/a:mozilla:firefox_esr:24.1.0
...
OVAL    22
oval:org.secpod.oval:def:702185
oval:org.secpod.oval:def:21049
oval:org.secpod.oval:def:52295
oval:org.secpod.oval:def:702204
...

© SecPod Technologies