CVE-2014-1541CVE-2014-1541

Affected configuration(s):

cpe:/a:mozilla:firefox:29.0.1
cpe:/a:mozilla:firefox_esr:24.0
cpe:/a:mozilla:firefox_esr:24.0.1
cpe:/a:mozilla:firefox_esr:24.0.2
cpe:/a:mozilla:firefox_esr:24.1.0
cpe:/a:mozilla:firefox_esr:24.1.1
cpe:/a:mozilla:firefox_esr:24.2
cpe:/a:mozilla:firefox_esr:24.3
cpe:/a:mozilla:firefox_esr:24.4
cpe:/a:mozilla:firefox_esr:24.5
cpe:/a:mozilla:thunderbird:24.0
cpe:/a:mozilla:thunderbird:24.0.1
cpe:/a:mozilla:thunderbird:24.1
cpe:/a:mozilla:thunderbird:24.1.1
cpe:/a:mozilla:thunderbird:24.2
cpe:/a:mozilla:thunderbird:24.3
cpe:/a:mozilla:thunderbird:24.4
cpe:/a:mozilla:thunderbird:24.5

Date published: 2014-06-11T06:57:17.987-04:00

Date last modified: 2017-01-06T21:59:38.500-05:00

CVSS Score: 10.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://linux.oracle.com/errata/ELSA-2014-0741.html

Summary: Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *