Published: 23/07/2014 Updated: 07/01/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla thunderbird 24.0
mozilla thunderbird 24.0.1
mozilla thunderbird
mozilla thunderbird 24.2
mozilla thunderbird 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.6
mozilla thunderbird 24.5
mozilla thunderbird 24.4
mozilla firefox

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2014-58 Use-after-free in Web Audio due to incorrect control message ordering Announced July 22, 2014 Reporter Atte Kettunen Impact High Products Firefox, Thunderbird Fixed in ...

NVD-CWE-Other http://www.mozilla.org/security/announce/2014/mfsa2014-58.html https://bugzilla.mozilla.org/show_bug.cgi?id=1020411 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://security.gentoo.org/glsa/201504-01 http://www.securitytracker.com/id/1030620 http://www.securitytracker.com/id/1030619 http://secunia.com/advisories/60628 http://secunia.com/advisories/59760 https://nvd.nist.gov https://usn.ubuntu.com/2295-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-1550

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect