CVE-2014-1575

Loading...

General

Score:7.5/10.0
Severity:High
Category:Access Control Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2014-1568, CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1580, CVE-2014-1581, CVE-2014-1582, CVE-2014-1583, CVE-2014-1584, CVE-2014-1585, CVE-2014-1586

Published on 15/10/14 - Updated on 22/12/16

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.

Category: Access Control Error

CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Security Notices

US National Vulnerability DatabaseCVE-2014-1575
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2014-AVI-432
Mozilla MFSA2014-74
Renater 2014/VULN226
SUSE SUSE-SU-2014:1385, SUSE-SU-2014:1458, SUSE-SU-2014:1510
Ubuntu USN-2372-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
mozillafirefox

Share this vulnerability with:

Twitter Facebook LinkedIn Mail