Vulnerability & Exploit Database

Displaying entries 1 - 10 of 11 in total

Results for: CVE-2014-1551 Back to search

SUSE: CVE-2014-1551: SUSE Linux Security Advisory Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

Oracle Solaris 11: CVE-2014-1551: Vulnerability in Firefox Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

MFSA2014-59 Thunderbird: Use-after-free in DirectWrite font handling (CVE-2014-1551) Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

MFSA2014-59 Firefox: Use-after-free in DirectWrite font handling (CVE-2014-1551) Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

Gentoo Linux: CVE-2014-1551: Mozilla Products: Multiple vulnerabilities Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 10
  • Published: July 23, 2014

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7 Vulnerability

  • Severity: 1
  • Published: June 10, 2014

This is a placeholder for all CVEs that are not relevant for one reason or another on Red Hat Enterprise Linux 7. Oftentimes Red Hat makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability.

Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6 Vulnerability

  • Severity: 1
  • Published: November 10, 2010

This is a placeholder for all CVEs that are not relevant for one reason or another on Red Hat Enterprise Linux 6. Oftentimes Red Hat makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability.

Sun Patch: GNOME 2.6.0_x86: Python patch Vulnerability

  • Severity: 8
  • Published: January 27, 2010

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.

Sun Patch: GNOME 2.6.0: Python patch Vulnerability

  • Severity: 8
  • Published: January 27, 2010

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.