CVSS: 9.3EPSS: 12%CPEs: 26EXPL: 0CVE-2014-1567 – Mozilla Firefox DirectionalityUtils Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1567
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout. Vulnerabilidad de uso después de liberación en DirectionalityUtils.cpp en Mozilla Firefox anterior a 32.0, Firefox ESR 24.x anterior a 24.8 y 31.x anterior a 31.1 y Thunderbird 24.x anterior a 24.8 y 31.x anterior a 31.1 permite a atacantes remotos ejecutar código arbitrario a través de texto que no se maneja debidamente durante la interacción entre la resolución de la direccionalidad y el diseño. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of bi-directional unicode text. The issue lies in the failure to properly handle text that has its bi-directional character type changed. • http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00011. • CWE-416: Use After Free •
CVSS: 10.0EPSS: 10%CPEs: 21EXPL: 0CVE-2014-1551
https://notcve.org/view.php?id=CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object. Vulnerabilidad de uso después de liberación en el destructor FontTableRec en Mozilla Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7 en Windows permite a atacantes remotos ejecutar código arbitrario a través de el uso manipulado de fuentes en el contenido MathML, que conduce a un manejo indebido de un objeto font face DirectWrite. • http://secunia.com/advisories/59760 http://www.mozilla.org/security/announce/2014/mfsa2014-59.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1018234 https://security.gentoo.org/glsa/201504-01 •
CVSS: 5.8EPSS: 1%CPEs: 11EXPL: 0CVE-2014-1552
https://notcve.org/view.php?id=CVE-2014-1552
Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect. Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 no implementa debidamente el atributo sandbox del elemento IFRAME, lo que permite a atacantes remotos evadir las restricciones en el contenido del mismo origen a través de un sitio web manipulado en conjunto con una redirección. • http://secunia.com/advisories/59760 http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-66.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=985135 https://security.gentoo.org/glsa/201504-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 11EXPL: 0CVE-2014-1550
https://notcve.org/view.php?id=CVE-2014-1550
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering. Vulnerabilidad de uso después de liberación en la clase MediaInputPort en Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) mediante el aprovechamiento del orden incorrecto de mensajes de control de Web Audio. • http://secunia.com/advisories/59760 http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-58.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1020411 https://security.gentoo.org/glsa/201504-01 •
CVSS: 4.3EPSS: 1%CPEs: 11EXPL: 0CVE-2014-1558
https://notcve.org/view.php?id=CVE-2014-1558
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559. Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permiten a atacantes remotos causar una denegación de servicio (interrupción del análisis sintáctico de certificados X.509) a través de un certificado manipulado que no utilice la codificación de caracteres UTF-8 en un contexto requerido, una vulnerabilidad diferente a CVE-2014-1559. • http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-65.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1015973 https://security.gentoo.org/glsa/201504-01 •