CVE-2014-1544
nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63)
Severity Score
8.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Vulnerabilidad de uso después de liberación en la función CERT_DestroyCertificate en libnss3.so en Mozilla Network Security Services (NSS) 3.x, utilizado en Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, permite a atacantes remotos ejecutar código arbitrario a través de vectores que provocan cierta eliminación indebida de una estructura NSSCertificate de un dominio de confianza.
A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application.
Christian Holler, David Keeler and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Atte Kettunen discovered a buffer overflow when interacting with WebAudio buffers. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-01-16 CVE Reserved
- 2014-07-22 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/59591 | Third Party Advisory | |
| http://secunia.com/advisories/59719 | Third Party Advisory | |
| http://secunia.com/advisories/59760 | Third Party Advisory | |
| http://secunia.com/advisories/60083 | Third Party Advisory | |
| http://secunia.com/advisories/60486 | Third Party Advisory | |
| http://secunia.com/advisories/60621 | Third Party Advisory | |
| http://secunia.com/advisories/60628 | Third Party Advisory | |
| http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/68816 | Vdb Entry | |
| http://www.securitytracker.com/id/1030617 | Vdb Entry | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=963150 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2014/dsa-2986 | 2017-01-07 | |
| http://www.debian.org/security/2014/dsa-2996 | 2017-01-07 | |
| http://www.mozilla.org/security/announce/2014/mfsa2014-63.html | 2017-01-07 | |
| https://security.gentoo.org/glsa/201504-01 | 2017-01-07 | |
| https://access.redhat.com/security/cve/CVE-2014-1544 | 2014-09-08 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1116198 | 2014-09-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 30.0 Search vendor "Mozilla" for product "Firefox" and version " <= 30.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.0 Search vendor "Mozilla" for product "Firefox Esr" and version "24.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.0.1 Search vendor "Mozilla" for product "Firefox Esr" and version "24.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.0.2 Search vendor "Mozilla" for product "Firefox Esr" and version "24.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.1.0 Search vendor "Mozilla" for product "Firefox Esr" and version "24.1.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.1.1 Search vendor "Mozilla" for product "Firefox Esr" and version "24.1.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.2 Search vendor "Mozilla" for product "Firefox Esr" and version "24.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.3 Search vendor "Mozilla" for product "Firefox Esr" and version "24.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.4 Search vendor "Mozilla" for product "Firefox Esr" and version "24.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.5 Search vendor "Mozilla" for product "Firefox Esr" and version "24.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 24.6 Search vendor "Mozilla" for product "Firefox Esr" and version "24.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.2.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.2.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.3.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.3.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.3.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.3.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.4 Search vendor "Mozilla" for product "Network Security Services" and version "3.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.4.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.4.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.4.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.4.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.6 Search vendor "Mozilla" for product "Network Security Services" and version "3.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.6.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.6.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7 Search vendor "Mozilla" for product "Network Security Services" and version "3.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.7.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.7.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.7.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.7.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.7.7 Search vendor "Mozilla" for product "Network Security Services" and version "3.7.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.8 Search vendor "Mozilla" for product "Network Security Services" and version "3.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.9 Search vendor "Mozilla" for product "Network Security Services" and version "3.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.11.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.11.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.11.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.11.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.11.4 Search vendor "Mozilla" for product "Network Security Services" and version "3.11.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.11.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.11.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12 Search vendor "Mozilla" for product "Network Security Services" and version "3.12" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.3.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.3.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.3.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.3.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.4 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.6 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.7 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.8 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.9 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.10 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.12.11 Search vendor "Mozilla" for product "Network Security Services" and version "3.12.11" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14 Search vendor "Mozilla" for product "Network Security Services" and version "3.14" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.14.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.14.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.14.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14.4 Search vendor "Mozilla" for product "Network Security Services" and version "3.14.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.14.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.14.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15 Search vendor "Mozilla" for product "Network Security Services" and version "3.15" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.2 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.3.1 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.3.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.4 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.15.5 Search vendor "Mozilla" for product "Network Security Services" and version "3.15.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.16 Search vendor "Mozilla" for product "Network Security Services" and version "3.16" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 24.6 Search vendor "Mozilla" for product "Thunderbird" and version " <= 24.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.0 Search vendor "Mozilla" for product "Thunderbird" and version "24.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.0.1 Search vendor "Mozilla" for product "Thunderbird" and version "24.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.1 Search vendor "Mozilla" for product "Thunderbird" and version "24.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.1.1 Search vendor "Mozilla" for product "Thunderbird" and version "24.1.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.2 Search vendor "Mozilla" for product "Thunderbird" and version "24.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.3 Search vendor "Mozilla" for product "Thunderbird" and version "24.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.4 Search vendor "Mozilla" for product "Thunderbird" and version "24.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 24.5 Search vendor "Mozilla" for product "Thunderbird" and version "24.5" | - |
Affected
| ||||||