10

CVE-2014-1488

EPSS 1.09%
Veröffentlicht 06.02.2014 05:44:25
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security@mozilla.org
Teams Watchlist Login
Unerledigt Login

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version < 27.0

Mozilla ≫ Seamonkey Version < 2.24

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version12.10

Canonical ≫ Ubuntu Linux Version13.10

Oracle ≫ Solaris Version11.3

Opensuse ≫ Opensuse Version12.3

Opensuse ≫ Opensuse Version13.1

Suse ≫ Linux Enterprise Desktop Version11 Updatesp3

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.09%	0.769

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Third Party Advisory

https://security.gentoo.org/glsa/201504-01

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/56706

Broken Link

http://secunia.com/advisories/56767

Broken Link

http://secunia.com/advisories/56787

Broken Link

http://secunia.com/advisories/56888

Broken Link

http://www.securitytracker.com/id/1029717

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1029720

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/USN-2102-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2102-2

Third Party Advisory

https://8pecxstudios.com/?page_id=44080

Broken Link

URL Repurposed

http://osvdb.org/102875

Broken Link

http://www.mozilla.org/security/announce/2014/mfsa2014-11.html

Vendor Advisory

http://www.securityfocus.com/bid/65321

Third Party Advisory

VDB Entry

https://bugzilla.mozilla.org/show_bug.cgi?id=950604

Vendor Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/90887

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2014-1488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-1488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-1488

EUVD