8.8

CVE-2014-1509

Exploit

Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version < 28.0
MozillaFirefox ESR Version >= 24.0 < 24.4
MozillaSeamonkey Version < 2.25
MozillaThunderbird Version < 24.4
RedhatEnterprise Linux Eus Version6.5
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version12.10
CanonicalUbuntu Linux Version13.10
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.3
OpensuseOpensuse Version13.1
SuseSuse Linux Enterprise Desktop Version11 Updatesp3
SuseSuse Linux Enterprise Server Version11 Updatesp3
SuseSuse Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.81% 0.72
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

http://www.securityfocus.com/bid/66425
Third Party Advisory
VDB Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=966021
Vendor Advisory
Exploit
Issue Tracking