Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1512

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2014-1512
Last Modified 18 Jul 2014 01:21:48
Published 19 Mar 2014 06:55:06
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1512

Summary

Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.

Vulnerable Systems

Application

  • Mozilla Firefox 0.1

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.10.1

  • Mozilla Firefox 0.2

  • Mozilla Firefox 0.3

  • Mozilla Firefox 0.4

  • Mozilla Firefox 0.5

  • Mozilla Firefox 0.6

  • Mozilla Firefox 0.6.1

  • Mozilla Firefox 0.7

  • Mozilla Firefox 0.7.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Firefox 1.0.7

  • Mozilla Firefox 1.0.8

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.10

  • Mozilla Firefox 1.5.0.11

  • Mozilla Firefox 1.5.0.12

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.3

  • Mozilla Firefox 1.5.0.4

  • Mozilla Firefox 1.5.0.5

  • Mozilla Firefox 1.5.0.6

  • Mozilla Firefox 1.5.0.7

  • Mozilla Firefox 1.5.0.8

  • Mozilla Firefox 1.5.0.9

  • Mozilla Firefox 1.5.1

  • Mozilla Firefox 1.5.2

  • Mozilla Firefox 1.5.3

  • Mozilla Firefox 1.5.4

  • Mozilla Firefox 1.5.5

  • Mozilla Firefox 1.5.6

  • Mozilla Firefox 1.5.7

  • Mozilla Firefox 1.5.8

  • Mozilla Firefox 10.0

  • Mozilla Firefox 10.0.1

  • Mozilla Firefox 10.0.10

  • Mozilla Firefox 10.0.11

  • Mozilla Firefox 10.0.12

  • Mozilla Firefox 10.0.2

  • Mozilla Firefox 10.0.3

  • Mozilla Firefox 10.0.4

  • Mozilla Firefox 10.0.5

  • Mozilla Firefox 10.0.6

  • Mozilla Firefox 10.0.7

  • Mozilla Firefox 10.0.8

  • Mozilla Firefox 10.0.9

  • Mozilla Firefox 11.0

  • Mozilla Firefox 12.0

  • Mozilla Firefox 13.0

  • Mozilla Firefox 13.0.1

  • Mozilla Firefox 14.0

  • Mozilla Firefox 14.0.1

  • Mozilla Firefox 15.0

  • Mozilla Firefox 15.0.1

  • Mozilla Firefox 16.0

  • Mozilla Firefox 16.0.1

  • Mozilla Firefox 16.0.2

  • Mozilla Firefox 17.0.10

  • Mozilla Firefox 17.0.11

  • Mozilla Firefox 17.0.2

  • Mozilla Firefox 17.0.3

  • Mozilla Firefox 17.0.4

  • Mozilla Firefox 17.0.5

  • Mozilla Firefox 17.0.6

  • Mozilla Firefox 17.0.7

  • Mozilla Firefox 17.0.8

  • Mozilla Firefox 17.0.9

  • Mozilla Firefox 18.0

  • Mozilla Firefox 18.0.1

  • Mozilla Firefox 18.0.2

  • Mozilla Firefox 19.0

  • Mozilla Firefox 19.0.1

  • Mozilla Firefox 19.0.2

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.19

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.20

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 20.0

  • Mozilla Firefox 20.0.1

  • Mozilla Firefox 21.0

  • Mozilla Firefox 23.0

  • Mozilla Firefox 23.0.1

  • Mozilla Firefox 24.0

  • Mozilla Firefox 24.1

  • Mozilla Firefox 24.1.1

  • Mozilla Firefox 25.0

  • Mozilla Firefox 25.0.1

  • Mozilla Firefox 26.0

  • Mozilla Firefox 27.0

  • Mozilla Firefox 27.0.1

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.10

  • Mozilla Firefox 3.0.11

  • Mozilla Firefox 3.0.12

  • Mozilla Firefox 3.0.13

  • Mozilla Firefox 3.0.14

  • Mozilla Firefox 3.0.15

  • Mozilla Firefox 3.0.16

  • Mozilla Firefox 3.0.17

  • Mozilla Firefox 3.0.18

  • Mozilla Firefox 3.0.19

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Firefox 3.0.5

  • Mozilla Firefox 3.0.6

  • Mozilla Firefox 3.0.7

  • Mozilla Firefox 3.0.8

  • Mozilla Firefox 3.0.9

  • Mozilla Firefox 3.5

  • Mozilla Firefox 3.5.1

  • Mozilla Firefox 3.5.10

  • Mozilla Firefox 3.5.11

  • Mozilla Firefox 3.5.12

  • Mozilla Firefox 3.5.13

  • Mozilla Firefox 3.5.14

  • Mozilla Firefox 3.5.15

  • Mozilla Firefox 3.5.16

  • Mozilla Firefox 3.5.17

  • Mozilla Firefox 3.5.18

  • Mozilla Firefox 3.5.19

  • Mozilla Firefox 3.5.2

  • Mozilla Firefox 3.5.3

  • Mozilla Firefox 3.5.4

  • Mozilla Firefox 3.5.5

  • Mozilla Firefox 3.5.6

  • Mozilla Firefox 3.5.7

  • Mozilla Firefox 3.5.8

  • Mozilla Firefox 3.5.9

  • Mozilla Firefox 3.6

  • Mozilla Firefox 3.6.10

  • Mozilla Firefox 3.6.11

  • Mozilla Firefox 3.6.12

  • Mozilla Firefox 3.6.13

  • Mozilla Firefox 3.6.14

  • Mozilla Firefox 3.6.15

  • Mozilla Firefox 3.6.16

  • Mozilla Firefox 3.6.17

  • Mozilla Firefox 3.6.18

  • Mozilla Firefox 3.6.19

  • Mozilla Firefox 3.6.2

  • Mozilla Firefox 3.6.20

  • Mozilla Firefox 3.6.21

  • Mozilla Firefox 3.6.22

  • Mozilla Firefox 3.6.23

  • Mozilla Firefox 3.6.24

  • Mozilla Firefox 3.6.25

  • Mozilla Firefox 3.6.26

  • Mozilla Firefox 3.6.27

  • Mozilla Firefox 3.6.28

  • Mozilla Firefox 3.6.3

  • Mozilla Firefox 3.6.4

  • Mozilla Firefox 3.6.6

  • Mozilla Firefox 3.6.7

  • Mozilla Firefox 3.6.8

  • Mozilla Firefox 3.6.9

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0

  • Mozilla Firefox 5.0.1

  • Mozilla Firefox 6.0

  • Mozilla Firefox 6.0.1

  • Mozilla Firefox 6.0.2

  • Mozilla Firefox 7.0

  • Mozilla Firefox 7.0.1

  • Mozilla Firefox 8.0

  • Mozilla Firefox 8.0.1

  • Mozilla Firefox 9.0

  • Mozilla Firefox 9.0.1

  • Mozilla Firefox Esr 24.0

  • Mozilla Firefox Esr 24.0.1

  • Mozilla Firefox Esr 24.0.2

  • Mozilla Firefox Esr 24.1.0

  • Mozilla Firefox Esr 24.1.1

  • Mozilla Firefox Esr 24.2

  • Mozilla Firefox Esr 24.3

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.10

  • Mozilla Seamonkey 2.0.11

  • Mozilla Seamonkey 2.0.12

  • Mozilla Seamonkey 2.0.13

  • Mozilla Seamonkey 2.0.14

  • Mozilla Seamonkey 2.0.2

  • Mozilla Seamonkey 2.0.3

  • Mozilla Seamonkey 2.0.4

  • Mozilla Seamonkey 2.0.5

  • Mozilla Seamonkey 2.0.6

  • Mozilla Seamonkey 2.0.7

  • Mozilla Seamonkey 2.0.8

  • Mozilla Seamonkey 2.0.9

  • Mozilla Seamonkey 2.1

  • Mozilla Seamonkey 2.10

  • Mozilla Seamonkey 2.10.1

  • Mozilla Seamonkey 2.11

  • Mozilla Seamonkey 2.12

  • Mozilla Seamonkey 2.12.1

  • Mozilla Seamonkey 2.13

  • Mozilla Seamonkey 2.13.1

  • Mozilla Seamonkey 2.13.2

  • Mozilla Seamonkey 2.14

  • Mozilla Seamonkey 2.15

  • Mozilla Seamonkey 2.15.1

  • Mozilla Seamonkey 2.15.2

  • Mozilla Seamonkey 2.16

  • Mozilla Seamonkey 2.16.1

  • Mozilla Seamonkey 2.16.2

  • Mozilla Seamonkey 2.17

  • Mozilla Seamonkey 2.17.1

  • Mozilla Seamonkey 2.18

  • Mozilla Seamonkey 2.19

  • Mozilla Seamonkey 2.2

  • Mozilla Seamonkey 2.20

  • Mozilla Seamonkey 2.21

  • Mozilla Seamonkey 2.22

  • Mozilla Seamonkey 2.22.1

  • Mozilla Seamonkey 2.23

  • Mozilla Seamonkey 2.24

  • Mozilla Seamonkey 2.25

  • Mozilla Seamonkey 2.3

  • Mozilla Seamonkey 2.3.1

  • Mozilla Seamonkey 2.3.2

  • Mozilla Seamonkey 2.3.3

  • Mozilla Seamonkey 2.4

  • Mozilla Seamonkey 2.4.1

  • Mozilla Seamonkey 2.5

  • Mozilla Seamonkey 2.6

  • Mozilla Seamonkey 2.6.1

  • Mozilla Seamonkey 2.7

  • Mozilla Seamonkey 2.7.1

  • Mozilla Seamonkey 2.7.2

  • Mozilla Seamonkey 2.8

  • Mozilla Seamonkey 2.9

  • Mozilla Seamonkey 2.9.1

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.2

  • Mozilla Thunderbird 0.3

  • Mozilla Thunderbird 0.4

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.7.1

  • Mozilla Thunderbird 0.7.2

  • Mozilla Thunderbird 0.7.3

  • Mozilla Thunderbird 0.8

  • Mozilla Thunderbird 0.9

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.1

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.3

  • Mozilla Thunderbird 1.0.4

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.7

  • Mozilla Thunderbird 1.0.8

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.1

  • Mozilla Thunderbird 1.5.0.10

  • Mozilla Thunderbird 1.5.0.11

  • Mozilla Thunderbird 1.5.0.12

  • Mozilla Thunderbird 1.5.0.13

  • Mozilla Thunderbird 1.5.0.14

  • Mozilla Thunderbird 1.5.0.2

  • Mozilla Thunderbird 1.5.0.3

  • Mozilla Thunderbird 1.5.0.4

  • Mozilla Thunderbird 1.5.0.5

  • Mozilla Thunderbird 1.5.0.6

  • Mozilla Thunderbird 1.5.0.7

  • Mozilla Thunderbird 1.5.0.8

  • Mozilla Thunderbird 1.5.0.9

  • Mozilla Thunderbird 1.5.1

  • Mozilla Thunderbird 1.5.2

  • Mozilla Thunderbird 1.7.1

  • Mozilla Thunderbird 1.7.3

  • Mozilla Thunderbird 10.0

  • Mozilla Thunderbird 10.0.1

  • Mozilla Thunderbird 10.0.2

  • Mozilla Thunderbird 10.0.3

  • Mozilla Thunderbird 10.0.4

  • Mozilla Thunderbird 11.0

  • Mozilla Thunderbird 11.0.1

  • Mozilla Thunderbird 12.0

  • Mozilla Thunderbird 12.0.1

  • Mozilla Thunderbird 13.0

  • Mozilla Thunderbird 13.0.1

  • Mozilla Thunderbird 14.0

  • Mozilla Thunderbird 15.0

  • Mozilla Thunderbird 15.0.1

  • Mozilla Thunderbird 16.0

  • Mozilla Thunderbird 16.0.1

  • Mozilla Thunderbird 16.0.2

  • Mozilla Thunderbird 17.0

  • Mozilla Thunderbird 17.0.1

  • Mozilla Thunderbird 17.0.2

  • Mozilla Thunderbird 17.0.3

  • Mozilla Thunderbird 17.0.4

  • Mozilla Thunderbird 17.0.5

  • Mozilla Thunderbird 17.0.6

  • Mozilla Thunderbird 17.0.7

  • Mozilla Thunderbird 17.0.8

  • Mozilla Thunderbird 2.0

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.1

  • Mozilla Thunderbird 2.0.0.11

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.13

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.15

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.19

  • Mozilla Thunderbird 2.0.0.2

  • Mozilla Thunderbird 2.0.0.20

  • Mozilla Thunderbird 2.0.0.21

  • Mozilla Thunderbird 2.0.0.22

  • Mozilla Thunderbird 2.0.0.23

  • Mozilla Thunderbird 2.0.0.3

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.7

  • Mozilla Thunderbird 2.0.0.8

  • Mozilla Thunderbird 2.0.0.9

  • Mozilla Thunderbird 24.0

  • Mozilla Thunderbird 24.0.1

  • Mozilla Thunderbird 24.1

  • Mozilla Thunderbird 24.1.1

  • Mozilla Thunderbird 24.2

  • Mozilla Thunderbird 24.3

  • Mozilla Thunderbird 3.0

  • Mozilla Thunderbird 3.0.1

  • Mozilla Thunderbird 3.0.10

  • Mozilla Thunderbird 3.0.11

  • Mozilla Thunderbird 3.0.2

  • Mozilla Thunderbird 3.0.3

  • Mozilla Thunderbird 3.0.4

  • Mozilla Thunderbird 3.0.5

  • Mozilla Thunderbird 3.0.6

  • Mozilla Thunderbird 3.0.7

  • Mozilla Thunderbird 3.0.8

  • Mozilla Thunderbird 3.0.9

  • Mozilla Thunderbird 3.1

  • Mozilla Thunderbird 3.1.1

  • Mozilla Thunderbird 3.1.10

  • Mozilla Thunderbird 3.1.11

  • Mozilla Thunderbird 3.1.12

  • Mozilla Thunderbird 3.1.13

  • Mozilla Thunderbird 3.1.14

  • Mozilla Thunderbird 3.1.15

  • Mozilla Thunderbird 3.1.16

  • Mozilla Thunderbird 3.1.17

  • Mozilla Thunderbird 3.1.2

  • Mozilla Thunderbird 3.1.3

  • Mozilla Thunderbird 3.1.4

  • Mozilla Thunderbird 3.1.5

  • Mozilla Thunderbird 3.1.6

  • Mozilla Thunderbird 3.1.7

  • Mozilla Thunderbird 3.1.8

  • Mozilla Thunderbird 3.1.9

  • Mozilla Thunderbird 5.0

  • Mozilla Thunderbird 6.0

  • Mozilla Thunderbird 6.0.1

  • Mozilla Thunderbird 6.0.2

  • Mozilla Thunderbird 7.0

  • Mozilla Thunderbird 7.0.1

  • Mozilla Thunderbird 8.0

  • Mozilla Thunderbird 9.0

  • Mozilla Thunderbird 9.0.1


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=982957

CONFIRM - http://www.mozilla.org/security/announce/2014/mfsa2014-30.html

DEBIAN - DSA-2881

REDHAT - RHSA-2014:0316

REDHAT - RHSA-2014:0310

UBUNTU - USN-2151-1

SUSE - openSUSE-SU-2014:0448

SUSE - openSUSE-SU-2014:0419

SUSE - SUSE-SU-2014:0418

BUGTRAQ - 20140326 VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own)

SUSE - openSUSE-SU-2014:0584

BID - 66209

Related Patches

Mozilla Firefox ESR 24.4 for Mac OS X (Update) (See Notes)

Mozilla Firefox (en-us) 28.0 for Windows (Update) (See Notes)

Mozilla Firefox 28.0 for Mac OS X (Update) (See Notes)

Mozilla Firefox ESR (en-us) 24.4 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 11:04:44