CVE-2014-1531Use After Free in Mozilla Firefox

CWE-416Use After Free8 documents7 sources
Severity
8.8HIGHNVD
EPSS
5.1%
top 10.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
15
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird+12 more
Timeline
PublishedApr 30
Latest updateMay 13

Description

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages10 packages

NVDmozilla/firefox24.024.5+1
Ubuntumozilla/firefox< 29.0+build1-0ubuntu0.14.04.2
NVDmozilla/seamonkey< 2.26
Ubuntumozilla/thunderbird< 1:24.5.0+build1-0ubuntu0.14.04.1

Also affects: Debian Linux 7.0, 8.0, Fedora 19, 20, Ubuntu Linux 12.04, 12.10, 13.10, 14.04, Enterprise Linux 6.5

🔴Vulnerability Details

3
GHSA
GHSA-8fx2-5vw6-974x: Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 292022-05-13
CVEList
CVE-2014-1531: Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 292014-04-30
OSV
CVE-2014-1531: Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 292014-04-29

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2014-04-30
Ubuntu
Firefox vulnerabilities2014-04-29
Red Hat
Mozilla: Use-after-free in imgLoader while resizing images (MFSA 2014-44)2014-04-29

💬Community

1
Bugzilla
CVE-2014-1531 Mozilla: Use-after-free in imgLoader while resizing images (MFSA 2014-44)2014-04-29
CVE-2014-1531 — Use After Free in Mozilla Firefox | cvebase