ByteOS Network

NVD Vulnerability Details :

CVE-2014-1578

Modified

Source-security@mozilla.org

Published At-15 Oct, 2014 | 10:55

Updated At-06 May, 2026 | 22:30

The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html	security@mozilla.org	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html	security@mozilla.org	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html	security@mozilla.org	N/A
http://rhn.redhat.com/errata/RHSA-2014-1635.html	security@mozilla.org	N/A
http://rhn.redhat.com/errata/RHSA-2014-1647.html	security@mozilla.org	N/A
http://secunia.com/advisories/61387	security@mozilla.org	N/A
http://secunia.com/advisories/61854	security@mozilla.org	N/A
http://secunia.com/advisories/62021	security@mozilla.org	N/A
http://secunia.com/advisories/62022	security@mozilla.org	N/A
http://secunia.com/advisories/62023	security@mozilla.org	N/A
http://www.debian.org/security/2014/dsa-3050	security@mozilla.org	N/A
http://www.debian.org/security/2014/dsa-3061	security@mozilla.org	N/A
http://www.mozilla.org/security/announce/2014/mfsa2014-77.html	security@mozilla.org	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	security@mozilla.org	N/A
http://www.securityfocus.com/bid/70428	security@mozilla.org	N/A
http://www.securitytracker.com/id/1031028	security@mozilla.org	N/A
http://www.securitytracker.com/id/1031030	security@mozilla.org	N/A
http://www.ubuntu.com/usn/USN-2372-1	security@mozilla.org	N/A
http://www.ubuntu.com/usn/USN-2373-1	security@mozilla.org	N/A
https://advisories.mageia.org/MGASA-2014-0421.html	security@mozilla.org	N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1063327	security@mozilla.org	N/A
https://security.gentoo.org/glsa/201504-01	security@mozilla.org	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://rhn.redhat.com/errata/RHSA-2014-1635.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://rhn.redhat.com/errata/RHSA-2014-1647.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/61387	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/61854	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/62021	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/62022	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/62023	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2014/dsa-3050	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2014/dsa-3061	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.mozilla.org/security/announce/2014/mfsa2014-77.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/70428	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securitytracker.com/id/1031028	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securitytracker.com/id/1031030	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/USN-2372-1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/USN-2373-1	af854a3a-2127-422b-91ae-364da2661108	N/A
https://advisories.mageia.org/MGASA-2014-0421.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1063327	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security.gentoo.org/glsa/201504-01	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1635.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1647.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/61387

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/61854

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/62021

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/62022

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/62023

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.debian.org/security/2014/dsa-3050

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.debian.org/security/2014/dsa-3061

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.mozilla.org/security/announce/2014/mfsa2014-77.html

Source: security@mozilla.org

Resource:

Vendor Advisory

Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/70428

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.securitytracker.com/id/1031028

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.securitytracker.com/id/1031030

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.ubuntu.com/usn/USN-2372-1

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://www.ubuntu.com/usn/USN-2373-1

Source: security@mozilla.org

Resource: N/A

Hyperlink: https://advisories.mageia.org/MGASA-2014-0421.html

Source: security@mozilla.org

Resource: N/A

Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1063327

Source: security@mozilla.org

Resource: N/A

Hyperlink: https://security.gentoo.org/glsa/201504-01

Source: security@mozilla.org

Resource: N/A

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html