Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ubuntu-cve-2014-1533
Vulnerability from osv_ubuntu
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "firefox",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-globalmenu",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-mozsymbols",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-testsuite",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "firefox",
"purl": "pkg:deb/ubuntu/firefox@30.0+build1-0ubuntu0.14.04.3?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "30.0+build1-0ubuntu0.14.04.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"24.0+build1-0ubuntu1",
"25.0+build3-0ubuntu0.13.10.1",
"28.0~b2+build1-0ubuntu2",
"28.0+build1-0ubuntu1",
"28.0+build2-0ubuntu1",
"28.0+build2-0ubuntu2",
"29.0+build1-0ubuntu0.14.04.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "thunderbird",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-globalmenu",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-gnome-support",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-mozsymbols",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-testsuite",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-calendar-timezones",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-gdata-provider",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-lightning",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "thunderbird",
"purl": "pkg:deb/ubuntu/thunderbird@1:24.6.0+build1-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:24.6.0+build1-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:24.0+build1-0ubuntu1",
"1:24.0+build1-0ubuntu2",
"1:24.1.1+build1-0ubuntu0.13.10.1",
"1:24.1.1+build1-0ubuntu1",
"1:24.2.0+build1-0ubuntu1",
"1:24.4.0+build1-0ubuntu1",
"1:24.5.0+build1-0ubuntu0.14.04.1"
]
}
],
"aliases": [],
"details": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"id": "UBUNTU-CVE-2014-1533",
"modified": "2026-04-22T07:37:41Z",
"published": "2014-06-11T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1533"
},
{
"type": "REPORT",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-48.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2243-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2250-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1533"
}
],
"related": [
"USN-2243-1",
"USN-2250-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2014-1533"
]
}
CVE-2014-1533 (GCVE-0-2014-1533)
Vulnerability from cvelistv5 – Published: 2014-06-11 10:00 – Updated: 2024-08-06 09:42- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59229"
},
{
"name": "openSUSE-SU-2014:0819",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1009952"
},
{
"name": "RHSA-2014:0741",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"name": "SUSE-SU-2014:0824",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"name": "59387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-48.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=991981"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921622"
},
{
"name": "59150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59150"
},
{
"name": "1030388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030388"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=988719"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=999651"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1011007"
},
{
"name": "59052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59052"
},
{
"name": "openSUSE-SU-2014:0855",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"name": "openSUSE-SU-2014:0797",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"name": "59169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59169"
},
{
"name": "59165",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59165"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "59866",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59866"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0742.html"
},
{
"name": "openSUSE-SU-2014:0858",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=978811"
},
{
"name": "59377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59377"
},
{
"name": "59149",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59149"
},
{
"name": "RHSA-2014:0742",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"name": "USN-2243-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"name": "DSA-2960",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2960"
},
{
"name": "DSA-2955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2955"
},
{
"name": "1030386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0741.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=992274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=995679"
},
{
"name": "58984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58984"
},
{
"name": "59170",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59170"
},
{
"name": "59425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=994907"
},
{
"name": "67965",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67965"
},
{
"name": "59171",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=996715"
},
{
"name": "59328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59328"
},
{
"name": "59275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59275"
},
{
"name": "USN-2250-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"name": "59486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59486"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-27T18:57:01.000Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "59229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59229"
},
{
"name": "openSUSE-SU-2014:0819",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1009952"
},
{
"name": "RHSA-2014:0741",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"name": "SUSE-SU-2014:0824",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"name": "59387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-48.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=991981"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921622"
},
{
"name": "59150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59150"
},
{
"name": "1030388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030388"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=988719"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=999651"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1011007"
},
{
"name": "59052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59052"
},
{
"name": "openSUSE-SU-2014:0855",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"name": "openSUSE-SU-2014:0797",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"name": "59169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59169"
},
{
"name": "59165",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59165"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "59866",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59866"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0742.html"
},
{
"name": "openSUSE-SU-2014:0858",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=978811"
},
{
"name": "59377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59377"
},
{
"name": "59149",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59149"
},
{
"name": "RHSA-2014:0742",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"name": "USN-2243-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"name": "DSA-2960",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2960"
},
{
"name": "DSA-2955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2955"
},
{
"name": "1030386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0741.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=992274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=995679"
},
{
"name": "58984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58984"
},
{
"name": "59170",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59170"
},
{
"name": "59425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=994907"
},
{
"name": "67965",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67965"
},
{
"name": "59171",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=996715"
},
{
"name": "59328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59328"
},
{
"name": "59275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59275"
},
{
"name": "USN-2250-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"name": "59486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59486"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59229"
},
{
"name": "openSUSE-SU-2014:0819",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1009952",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1009952"
},
{
"name": "RHSA-2014:0741",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"name": "SUSE-SU-2014:0824",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"name": "59387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59387"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-48.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-48.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=991981",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=991981"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=921622",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921622"
},
{
"name": "59150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59150"
},
{
"name": "1030388",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030388"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=988719",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=988719"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=999651",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=999651"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1011007",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1011007"
},
{
"name": "59052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59052"
},
{
"name": "openSUSE-SU-2014:0855",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"name": "openSUSE-SU-2014:0797",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"name": "59169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59169"
},
{
"name": "59165",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59165"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "59866",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59866"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0742.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0742.html"
},
{
"name": "openSUSE-SU-2014:0858",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=967354",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=967354"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=978811",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=978811"
},
{
"name": "59377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59377"
},
{
"name": "59149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59149"
},
{
"name": "RHSA-2014:0742",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"name": "USN-2243-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"name": "DSA-2960",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2960"
},
{
"name": "DSA-2955",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2955"
},
{
"name": "1030386",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030386"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0741.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0741.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=992274",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=992274"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=995679",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=995679"
},
{
"name": "58984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58984"
},
{
"name": "59170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59170"
},
{
"name": "59425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59425"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=994907",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=994907"
},
{
"name": "67965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67965"
},
{
"name": "59171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59171"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=996715",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=996715"
},
{
"name": "59328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59328"
},
{
"name": "59275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59275"
},
{
"name": "USN-2250-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"name": "59486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59486"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1533",
"datePublished": "2014-06-11T10:00:00.000Z",
"dateReserved": "2014-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:42:36.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
usn-2243-1
Vulnerability from osv_ubuntu
Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Jesse Ruderman, Gregor Wagner, Benoit Jacob and Karl Tomlinson discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1533, CVE-2014-1534)
Abhishek Arya discovered multiple use-after-free and out-of-bounds read issues in Firefox. An attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)
Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in the event listener manager. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2014-1540)
A use-after-free was discovered in the SMIL animation controller. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2014-1541)
Holger Fuhrmannek discovered a buffer overflow in Web Audio. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2014-1542)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2014-1533",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1534",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1536",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1537",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1538",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1540",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1541",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1542",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "firefox",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-globalmenu",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-mozsymbols",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
},
{
"binary_name": "firefox-testsuite",
"binary_version": "30.0+build1-0ubuntu0.14.04.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "firefox",
"purl": "pkg:deb/ubuntu/firefox@30.0+build1-0ubuntu0.14.04.3?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "30.0+build1-0ubuntu0.14.04.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"24.0+build1-0ubuntu1",
"25.0+build3-0ubuntu0.13.10.1",
"28.0~b2+build1-0ubuntu2",
"28.0+build1-0ubuntu1",
"28.0+build2-0ubuntu1",
"28.0+build2-0ubuntu2",
"29.0+build1-0ubuntu0.14.04.2"
]
}
],
"aliases": [],
"details": "Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de\nMooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Jesse Ruderman, Gregor\nWagner, Benoit Jacob and Karl Tomlinson discovered multiple memory safety\nissues in Firefox. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these to cause a\ndenial of service via application crash, or execute arbitrary code with\nthe privileges of the user invoking Firefox. (CVE-2014-1533,\nCVE-2014-1534)\n\nAbhishek Arya discovered multiple use-after-free and out-of-bounds read\nissues in Firefox. An attacker could potentially exploit these to cause\na denial of service via application crash or execute arbitrary code with\nthe priviliges of the user invoking Firefox. (CVE-2014-1536,\nCVE-2014-1537, CVE-2014-1538)\n\nTyson Smith and Jesse Schwartzentruber discovered a use-after-free in the\nevent listener manager. An attacker could potentially exploit this to\ncause a denial of service via application crash or execute arbitrary code\nwith the priviliges of the user invoking Firefox. (CVE-2014-1540)\n\nA use-after-free was discovered in the SMIL animation controller. An\nattacker could potentially exploit this to cause a denial of service via\napplication crash or execute arbitrary code with the priviliges of the\nuser invoking Firefox. (CVE-2014-1541)\n\nHolger Fuhrmannek discovered a buffer overflow in Web Audio. An attacker\ncould potentially exploit this to cause a denial of service via\napplication crash or execute arbitrary code with the priviliges of the\nuser invoking Firefox. (CVE-2014-1542)\n",
"id": "USN-2243-1",
"modified": "2026-04-22T07:36:31Z",
"published": "2014-06-11T12:25:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2243-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1533"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1534"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1536"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1537"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1538"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1540"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1541"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1542"
},
{
"type": "REPORT",
"url": "https://launchpad.net/bugs/1326690"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "firefox vulnerabilities",
"upstream": [
"UBUNTU-CVE-2014-1533",
"UBUNTU-CVE-2014-1534",
"UBUNTU-CVE-2014-1536",
"UBUNTU-CVE-2014-1537",
"UBUNTU-CVE-2014-1538",
"UBUNTU-CVE-2014-1540",
"UBUNTU-CVE-2014-1541",
"UBUNTU-CVE-2014-1542"
]
}
usn-2250-1
Vulnerability from osv_ubuntu
Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden and Kyle Huey discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1533)
Abhishek Arya discovered multiple use-after-free and out-of-bounds read issues in Thunderbird. If a user had enabled scripting, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Thunderbird. (CVE-2014-1538)
A use-after-free was discovered in the SMIL animation controller. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Thunderbird. (CVE-2014-1541)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2014-1533",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1538",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1541",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "thunderbird",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-globalmenu",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-gnome-support",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-mozsymbols",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-testsuite",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-calendar-timezones",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-gdata-provider",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-lightning",
"binary_version": "1:24.6.0+build1-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "thunderbird",
"purl": "pkg:deb/ubuntu/thunderbird@1:24.6.0+build1-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:24.6.0+build1-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:24.0+build1-0ubuntu1",
"1:24.0+build1-0ubuntu2",
"1:24.1.1+build1-0ubuntu0.13.10.1",
"1:24.1.1+build1-0ubuntu1",
"1:24.2.0+build1-0ubuntu1",
"1:24.4.0+build1-0ubuntu1",
"1:24.5.0+build1-0ubuntu0.14.04.1"
]
}
],
"aliases": [],
"details": "Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de\nMooij, Ryan VanderMeulen, Jeff Walden and Kyle Huey discovered multiple\nmemory safety issues in Thunderbird. If a user were tricked in to opening\na specially crafted message with scripting enabled, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2014-1533)\n\nAbhishek Arya discovered multiple use-after-free and out-of-bounds read\nissues in Thunderbird. If a user had enabled scripting, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash or execute arbitrary code with the priviliges of the user invoking\nThunderbird. (CVE-2014-1538)\n\nA use-after-free was discovered in the SMIL animation controller. If a\nuser had enabled scripting, an attacker could potentially exploit this\nto cause a denial of service via application crash or execute arbitrary\ncode with the priviliges of the user invoking Thunderbird. (CVE-2014-1541)\n",
"id": "USN-2250-1",
"modified": "2026-04-22T07:36:31Z",
"published": "2014-06-19T11:22:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2250-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1533"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1538"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1541"
},
{
"type": "REPORT",
"url": "https://launchpad.net/bugs/1328003"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "thunderbird vulnerabilities",
"upstream": [
"UBUNTU-CVE-2014-1533",
"UBUNTU-CVE-2014-1538",
"UBUNTU-CVE-2014-1541"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.