CVE-2014-1486
critical
CVSS v3
9.8
CVSS v2
10.0
VIR risk
9.8
Description
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=942164
Vendor advisory: security@mozilla.org — http://www.mozilla.org/security/announce/2014/mfsa2014-08.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| fedora | 19 | affected | |
| suse | 11.4 | affected | |
| suse | 12.3 | affected | |
| suse | 13.1 | affected | |
| suse | 11 | affected | |
| rhel | 6.0 | affected | |
| rhel | 6.5 | affected | |
| ubuntu | 12.04 | affected | |
| ubuntu | 12.10 | affected | |
| ubuntu | 13.10 | affected | |
| debian | 7.0 | affected | |
| fedora | 20 | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mozilla | firefox | {"endExcluding":"27.0"} | 27.0 |
| mozilla | seamonkey | {"endExcluding":"2.24"} | 2.24 |
| mozilla | thunderbird | {"endExcluding":"24.3"} | 24.3 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 | |
References
- http://download.novell.com/Download?buildid=VYQsgaFpQ2k
- http://download.novell.com/Download?buildid=Y2fux-JW1Qc
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html
- http://osvdb.org/102872
- http://rhn.redhat.com/errata/RHSA-2014-0132.html
- http://rhn.redhat.com/errata/RHSA-2014-0133.html
- http://secunia.com/advisories/56706
- http://secunia.com/advisories/56761
- http://secunia.com/advisories/56763
- http://secunia.com/advisories/56767
- http://secunia.com/advisories/56787
- http://secunia.com/advisories/56858
- http://secunia.com/advisories/56888
- http://secunia.com/advisories/56922
- http://www.debian.org/security/2014/dsa-2858
- http://www.mozilla.org/security/announce/2014/mfsa2014-08.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/bid/65334
- http://www.securitytracker.com/id/1029717
- http://www.securitytracker.com/id/1029720
CWEs
CWE-416
Verify integrity in audit chain (admin only). AS-IS.