CVE-2014-1532
30.04.2014, 10:49
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 29.0 |
| mozilla | firefox_esr | 24.0 ≤ 𝑥 < 24.5 |
| mozilla | seamonkey | 𝑥 < 2.26 |
| mozilla | thunderbird | 𝑥 < 24.5 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 13.10 |
| canonical | ubuntu_linux | 14.04 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_server_tus | 6.5 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| opensuse | opensuse | 11.4 |
| opensuse | opensuse | 12.3 |
| opensuse | opensuse | 13.1 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||
| thunderbird |
|
Common Weakness Enumeration
References