Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-1567
Modified
More InfoOfficial Page
Source-security@mozilla.org
View Known Exploited Vulnerability (KEV) details
Published At-03 Sep, 2014 | 10:55
Updated At-06 May, 2026 | 22:30

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Mozilla Corporation
mozilla
>>firefox>>Versions up to 31.1.0(inclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>30.0
cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>31.0
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>24.0
cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>24.0.1
cpe:2.3:a:mozilla:firefox:24.0.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>24.0.2
cpe:2.3:a:mozilla:firefox:24.0.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>24.1.0
cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>24.1.1
cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>31.0
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.2
cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.3
cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.4
cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.5
cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.6
cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox_esr>>24.7
cpe:2.3:a:mozilla:firefox_esr:24.7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.0
cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.0.1
cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.1
cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.1.1
cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.2
cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.3
cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.4
cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.5
cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.6
cpe:2.3:a:mozilla:thunderbird:24.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>24.7
cpe:2.3:a:mozilla:thunderbird:24.7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>thunderbird>>31.0
cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
CWE-416: Use After Free
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.htmlsecurity@mozilla.org
N/A
http://secunia.com/advisories/60148security@mozilla.org
N/A
http://secunia.com/advisories/60186security@mozilla.org
N/A
http://secunia.com/advisories/61114security@mozilla.org
N/A
http://secunia.com/advisories/61390security@mozilla.org
N/A
http://www.debian.org/security/2014/dsa-3018security@mozilla.org
N/A
http://www.debian.org/security/2014/dsa-3028security@mozilla.org
N/A
http://www.mozilla.org/security/announce/2014/mfsa2014-72.htmlsecurity@mozilla.org
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlsecurity@mozilla.org
N/A
http://www.securityfocus.com/bid/69520security@mozilla.org
N/A
http://www.securitytracker.com/id/1030793security@mozilla.org
N/A
http://www.securitytracker.com/id/1030794security@mozilla.org
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1037641security@mozilla.org
N/A
https://security.gentoo.org/glsa/201504-01security@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60148af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60186af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/61114af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/61390af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2014/dsa-3018af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2014/dsa-3028af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mozilla.org/security/announce/2014/mfsa2014-72.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/69520af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030793af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030794af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1037641af854a3a-2127-422b-91ae-364da2661108
N/A
https://security.gentoo.org/glsa/201504-01af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/60148
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/60186
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/61114
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/61390
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-3018
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-3028
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.mozilla.org/security/announce/2014/mfsa2014-72.html
Source: security@mozilla.org
Resource:
Vendor Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/69520
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030793
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030794
Source: security@mozilla.org
Resource: N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1037641
Source: security@mozilla.org
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201504-01
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60148
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60186
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/61114
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/61390
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-3018
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-3028
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mozilla.org/security/announce/2014/mfsa2014-72.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/69520
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030793
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030794
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1037641
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201504-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found