Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2014-1563 | First vendor Publication | 2014-09-03 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1563 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2019-05-24 | Mozilla Firefox DOMSVGLength appendItem use after free attempt RuleID : 49918 - Revision : 1 - Type : BROWSER-FIREFOX |
2019-05-24 | Mozilla Firefox DOMSVGLength appendItem use after free attempt RuleID : 49917 - Revision : 1 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength initialize use after free attempt RuleID : 35075 - Revision : 3 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength replaceItem use after free attempt RuleID : 35074 - Revision : 3 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength insertItemBefore use after free attempt RuleID : 35073 - Revision : 3 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength initialize use after free attempt RuleID : 35072 - Revision : 3 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength replaceItem use after free attempt RuleID : 35071 - Revision : 3 - Type : BROWSER-FIREFOX |
2015-08-09 | Mozilla Firefox DOMSVGLength insertItemBefore use after free attempt RuleID : 35070 - Revision : 3 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO |
2014-09-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2330-1.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-530.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-531.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_31_1_esr.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_32.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Mac OS X host contains a mail client that is affected by multiple ... File : macosx_thunderbird_31_1.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_31_1_esr.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_32.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_31_1.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2329-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-10 01:24:22 |
|
2024-02-02 01:26:33 |
|
2024-02-01 12:07:52 |
|
2023-09-05 12:25:08 |
|
2023-09-05 01:07:46 |
|
2023-09-02 12:25:07 |
|
2023-09-02 01:07:52 |
|
2023-08-12 12:27:22 |
|
2023-08-12 01:07:22 |
|
2023-08-11 12:23:15 |
|
2023-08-11 01:07:33 |
|
2023-08-06 12:22:37 |
|
2023-08-06 01:07:21 |
|
2023-08-04 12:22:39 |
|
2023-08-04 01:07:25 |
|
2023-07-14 12:22:37 |
|
2023-07-14 01:07:23 |
|
2023-04-01 01:19:07 |
|
2023-03-29 01:24:32 |
|
2023-03-28 12:07:45 |
|
2022-10-11 12:20:25 |
|
2022-10-11 01:07:32 |
|
2021-05-04 12:30:01 |
|
2021-04-22 01:36:16 |
|
2020-10-14 01:10:49 |
|
2020-10-03 01:10:55 |
|
2020-05-29 01:09:59 |
|
2020-05-23 01:51:14 |
|
2020-05-23 00:40:01 |
|
2018-12-04 12:05:42 |
|
2018-10-31 00:20:36 |
|
2018-01-26 12:05:22 |
|
2018-01-18 12:05:58 |
|
2017-11-22 12:05:57 |
|
2017-01-07 09:25:22 |
|
2016-12-24 09:24:01 |
|
2016-12-22 09:23:38 |
|
2016-11-16 00:23:44 |
|
2016-10-04 09:24:03 |
|
2016-08-26 21:20:46 |
|
2016-06-28 22:36:06 |
|
2016-04-27 00:15:51 |
|
2015-08-09 21:22:44 |
|
2015-04-09 13:28:57 |
|
2015-03-18 09:26:28 |
|
2014-11-14 13:27:34 |
|
2014-09-13 13:43:04 |
|
2014-09-12 13:27:14 |
|
2014-09-04 13:24:38 |
|
2014-09-03 21:23:52 |
|
2014-09-03 17:21:58 |
|