Vulnerability Description
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | < 28.0 |
| Mozilla | Seamonkey | < 2.25 |
| Mozilla | Thunderbird | < 24.4 |
| Debian | Debian Linux | 7.0 |
| Suse | Suse Linux Enterprise Software Development Kit | 11.0 |
| Opensuse | Opensuse | 11.4 |
| Suse | Suse Linux Enterprise Desktop | 11 |
| Suse | Suse Linux Enterprise Server | 11 |
| Redhat | Enterprise Linux Desktop | 5.0 |
| Redhat | Enterprise Linux Eus | 6.5 |
| Redhat | Enterprise Linux Server | 5.0 |
| Redhat | Enterprise Linux Server Aus | 6.5 |
| Redhat | Enterprise Linux Server Eus | 6.5 |
| Redhat | Enterprise Linux Server Tus | 6.5 |
| Redhat | Enterprise Linux Workstation | 5.0 |
| Canonical | Ubuntu Linux | 12.04 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0310.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-0316.htmlThird Party Advisory
- http://www.debian.org/security/2014/dsa-2881Third Party Advisory
- http://www.debian.org/security/2014/dsa-2911Third Party Advisory
- http://www.mozilla.org/security/announce/2014/mfsa2014-32.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
- http://www.securityfocus.com/bid/66240Third Party AdvisoryVDB Entry
- http://www.ubuntu.com/usn/USN-2151-1Third Party Advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=983344ExploitIssue TrackingVendor Advisory
- https://security.gentoo.org/glsa/201504-01Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2014-1514?
CVE-2014-1514 is a vulnerability with a CVSS score of 9.8 (CRITICAL). vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a c...
How severe is CVE-2014-1514?
CVE-2014-1514 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-1514?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Seamonkey, Mozilla Thunderbird, Debian Debian Linux, Suse Suse Linux Enterprise Software Development Kit.