CVE Vulnerabilities

CVE-2014-1567

Published: Sep 03, 2014 | Modified: Jan 07, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
6.8 CRITICAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 31.1.0 (including)
Firefox Mozilla 30.0 (including) 30.0 (including)
Firefox Mozilla 31.0 (including) 31.0 (including)
Red Hat Enterprise Linux 5 RedHat firefox-0:24.8.0-2.el5_10 *
Red Hat Enterprise Linux 5 RedHat thunderbird-0:24.8.0-1.el5_10 *
Red Hat Enterprise Linux 6 RedHat firefox-0:24.8.0-1.el6_5 *
Red Hat Enterprise Linux 6 RedHat thunderbird-0:24.8.0-1.el6_5 *
Red Hat Enterprise Linux 7 RedHat firefox-0:24.8.0-1.el7_0 *
Red Hat Enterprise Linux 7 RedHat xulrunner-0:24.8.0-1.el7_0 *
Firefox Ubuntu devel *
Firefox Ubuntu lucid *
Firefox Ubuntu precise *
Firefox Ubuntu trusty *
Firefox Ubuntu upstream *
Thunderbird Ubuntu devel *
Thunderbird Ubuntu lucid *
Thunderbird Ubuntu precise *
Thunderbird Ubuntu trusty *
Thunderbird Ubuntu upstream *

References