VIR Vulnerability Intelligence Relay

CVE-2014-1518

high
Published 2014-04-30 · Modified 2026-05-06
CVSS v3
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2
9.3
VIR risk
8.8

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Predictions

Exploit likelihood
92%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=993546

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=992968

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=991471

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=986843

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=986678

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=980537

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=966630

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=952022

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://bugzilla.mozilla.org/show_bug.cgi?id=944353

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — http://www.mozilla.org/security/announce/2014/mfsa2014-34.html

OS impact
OSVersionStatusFixed in
ubuntu ubuntu12.04affected
ubuntu ubuntu12.10affected
ubuntu ubuntu13.10affected
ubuntu ubuntu14.04affected
debian debian7.0affected
debian debian8.0affected
redhat rhel5.0affected
redhat rhel6.0affected
redhat rhel6.5affected
suse suse11.4affected
suse suse12.3affected
suse suse13.1affected
suse suse10affected
suse suse11affected
fedora fedora19affected
fedora fedora20affected

Application impact
VendorProductVersionsFixed
mozillafirefox{"endExcluding":"29.0"}29.0
mozillaseamonkey{"endExcluding":"2.26"}2.26
mozillathunderbird{"endExcluding":"24.5"}24.5

References

Verify integrity in audit chain (admin only). AS-IS.