CVE-2014-1562

EUVD-2014-1638
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
24.0
mozillafirefox
24.0.1
mozillafirefox
24.0.2
mozillafirefox
24.1.0
mozillafirefox
24.1.1
mozillafirefox
31.0
mozillafirefox_esr
24.2
mozillafirefox_esr
24.3
mozillafirefox_esr
24.4
mozillafirefox_esr
24.5
mozillafirefox_esr
24.6
mozillafirefox_esr
24.7
mozillathunderbird
24.0
mozillathunderbird
24.0.1
mozillathunderbird
24.1
mozillathunderbird
24.1.1
mozillathunderbird
24.2
mozillathunderbird
24.3
mozillathunderbird
24.4
mozillathunderbird
24.5
mozillathunderbird
24.6
mozillathunderbird
24.7
mozillathunderbird
31.0
mozillafirefox
𝑥
≤ 31.1.0
mozillafirefox
30.0
mozillafirefox
31.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
ignored
precise
Fixed 32.0+build1-0ubuntu0.12.04.1
released
trusty
Fixed 32.0+build1-0ubuntu0.14.04.1
released
thunderbird
lucid
ignored
precise
Fixed 1:31.1.0+build2-0ubuntu0.12.04.1
released
trusty
Fixed 1:31.1.0+build2-0ubuntu0.14.04.1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
http://secunia.com/advisories/60148
http://secunia.com/advisories/60186
http://secunia.com/advisories/61114
http://secunia.com/advisories/61390
http://www.debian.org/security/2014/dsa-3018
http://www.debian.org/security/2014/dsa-3028
http://www.mozilla.org/security/announce/2014/mfsa2014-67.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/69519
http://www.securitytracker.com/id/1030793
http://www.securitytracker.com/id/1030794
https://bugzilla.mozilla.org/show_bug.cgi?id=1054359
https://security.gentoo.org/glsa/201504-01
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
http://secunia.com/advisories/60148
http://secunia.com/advisories/60186
http://secunia.com/advisories/61114
http://secunia.com/advisories/61390
http://www.debian.org/security/2014/dsa-3018
http://www.debian.org/security/2014/dsa-3028
http://www.mozilla.org/security/announce/2014/mfsa2014-67.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/69519
http://www.securitytracker.com/id/1030793
http://www.securitytracker.com/id/1030794
https://bugzilla.mozilla.org/show_bug.cgi?id=1054359
https://security.gentoo.org/glsa/201504-01