CVE-2014-1541
Published Jun 11, 2014
Last updated 25 days ago
Overview
- Description
- Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
- Source
- security@mozilla.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per http://cwe.mitre.org/data/definitions/416.html: "CWE-416: Use After Free"
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BAB6139-8CB0-4989-B0CC-067C35B01090",
"versionEndIncluding": "24.5"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CCAFDF1-10BB-4AB0-9C9D-E99DDBA901BB"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31EE89B8-705F-4A05-9015-3D6E81D394E9"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E30AE3D4-6A3E-435E-BDBF-1A9A17297433"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0C705A0-62C0-485A-A077-C7DD426F80B5"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66C802A7-E4D5-4D2D-9CE8-749A75DF7461"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E8A57FA-AC27-4288-8E42-97DECF3B993C"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D474B11-98D0-41A3-A98B-CFB6955264AE"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8B8514D-277D-4D79-84E3-73BF050CE927",
"versionEndIncluding": "29.0.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18E772D1-DD0F-4F04-8BB4-9550F3C601E1"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "050A0328-B07A-4CC7-B42E-A034F3140032"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "732CC40B-BCBA-436B-956F-52BE28D9B79B"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4DE4CBB-6604-4AF2-B499-06BCD9E213C1"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70ECF11D-B5D0-4EBA-9E1F-0978AF7C7818"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A237D8D8-5656-4537-AD08-30CB8B4DAD63"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04B61AC7-E951-407F-A62E-490F9FEDE9C1"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9F70319-C8E4-4F54-9449-B0C3A59BF7C5"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CAD5F3B-54D7-425B-89D2-A3A86DE31BAE"
}
],
"operator": "OR"
}
]
}
]