CVE-2014-1477

Published: Feb 6, 2014Modified: Apr 29, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected (27)

Products: Mozilla: Firefox, Seamonkey, Thunderbird · Canonical: Ubuntu Linux · Debian: Debian Linux · +4 more

Show all products

3 products

1 product

1 product

7 products

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Server Tus

Enterprise Linux Workstation

1 product

1 product

3 products

Suse Linux Enterprise Desktop

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 27.0
Mozilla Firefox	From 24.0 to 24.3
Mozilla Seamonkey	Before 2.24
Mozilla Thunderbird	Before 24.3

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 12.10
Canonical Ubuntu Linux	Version 13.10

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0

Configuration D

10 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Eus	Version 6.5
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Aus	Version 6.5
Redhat Enterprise Linux Server Eus	Version 6.5
Redhat Enterprise Linux Server Tus	Version 6.5
Redhat Enterprise Linux Workstation	Version 5.0
Redhat Enterprise Linux Workstation	Version 6.0

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 19
Fedoraproject Fedora	Version 20

Configuration F

7 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.4
Opensuse Opensuse	Version 12.3
Opensuse Opensuse	Version 13.1
Suse Suse Linux Enterprise Desktop	Version 11 sp3
Suse Suse Linux Enterprise Server	Version 11 sp3
Suse Suse Linux Enterprise Server	Version 11 sp3
Suse Suse Linux Enterprise Software Development Kit	Version 11.0 sp3

References (84)

http://download.novell.com/Download?buildid=VYQsgaFpQ2k

Source: security@mozilla.org

Broken Link

http://download.novell.com/Download?buildid=Y2fux-JW1Qc

Source: security@mozilla.org

Broken Link

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://osvdb.org/102864

Source: security@mozilla.org

Broken Link

http://rhn.redhat.com/errata/RHSA-2014-0132.html

Source: security@mozilla.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-0133.html

Source: security@mozilla.org

Third Party Advisory

http://secunia.com/advisories/56706

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56761

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56763

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56767

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56787

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56858

Source: security@mozilla.org

Broken Link

http://secunia.com/advisories/56888

Source: security@mozilla.org

Broken Link

http://www.debian.org/security/2014/dsa-2858

Source: security@mozilla.org

Third Party Advisory

http://www.mozilla.org/security/announce/2014/mfsa2014-01.html

Source: security@mozilla.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: security@mozilla.org

Third Party Advisory

http://www.securityfocus.com/bid/65317

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029717

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029720

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029721

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2102-1

Source: security@mozilla.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-2102-2

Source: security@mozilla.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-2119-1

Source: security@mozilla.org

Third Party Advisory

https://8pecxstudios.com/?page_id=44080

Source: security@mozilla.org

Broken LinkURL Repurposed

https://bugzilla.mozilla.org/show_bug.cgi?id=921470

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=925896

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=936808

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=937132

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=937697

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=945334

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=945939

Source: security@mozilla.org

ExploitIssue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=950000

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=950438

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=951366

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=953114

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/90899

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

https://security.gentoo.org/glsa/201504-01

Source: security@mozilla.org

Third Party Advisory

http://download.novell.com/Download?buildid=VYQsgaFpQ2k