CVE-2014-1563
Published: 2 September 2014
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(32.0+build1-0ubuntu0.12.04.1)
|
|
trusty |
Released
(32.0+build1-0ubuntu0.14.04.1)
|
|
upstream |
Released
(32.0)
|
|
thunderbird Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(1:31.1.0+build2-0ubuntu0.12.04.1)
|
|
trusty |
Released
(1:31.1.0+build2-0ubuntu0.14.04.1)
|
|
upstream |
Released
(31.1.0)
|