Vulnerability & Exploit Database

Displaying all 8 entries

Results for: CVE-2014-1498 Back to search

SUSE Linux Security Advisory: SUSE-SU-2014:1100-1 Vulnerability

  • Severity: 10
  • Published: September 03, 2014

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incor...

USN-2150-1: Firefox vulnerabilities Vulnerability

  • Severity: 9
  • Published: March 19, 2014

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application cr...

SUSE: CVE-2014-1498: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: March 19, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

Oracle Solaris 11: CVE-2014-1498: Vulnerability in Firefox Vulnerability

  • Severity: 5
  • Published: March 19, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

Gentoo Linux: CVE-2014-1498: Mozilla Products: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: March 19, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 9
  • Published: March 19, 2014

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application cr...

MFSA2014-18 Firefox: crypto.generateCRMFRequest does not validate type of key (CVE-2014-1498) Vulnerability

  • Severity: 5
  • Published: March 18, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.