CVE-2014-1567

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

Published: Sep 3, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1567
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	31.1.0.x
mozilla / firefox	31.0	31.0.x
mozilla / firefox	30.0	30.0.x
mozilla / firefox_esr	24.5	24.5.x
mozilla / firefox_esr	24.2	24.2.x
mozilla / firefox_esr	24.7	24.7.x
mozilla / firefox_esr	24.0	24.0.x
mozilla / firefox_esr	24.0.2	24.0.2.x
mozilla / firefox_esr	24.1.0	24.1.0.x
mozilla / firefox_esr	24.4	24.4.x
mozilla / firefox_esr	24.3	24.3.x
mozilla / firefox_esr	24.0.1	24.0.1.x
mozilla / firefox_esr	31.0	31.0.x
mozilla / firefox_esr	24.6	24.6.x
mozilla / firefox_esr	24.1.1	24.1.1.x
mozilla / thunderbird	24.0.1	24.0.1.x
mozilla / thunderbird	24.2	24.2.x
mozilla / thunderbird	31.0	31.0.x
mozilla / thunderbird	24.5	24.5.x
mozilla / thunderbird	24.1	24.1.x
mozilla / thunderbird	24.1.1	24.1.1.x
mozilla / thunderbird	24.7	24.7.x
mozilla / thunderbird	24.4	24.4.x
mozilla / thunderbird	24.3	24.3.x
mozilla / thunderbird	24.0	24.0.x
mozilla / thunderbird	24.6	24.6.x

Vulnerability Database

291,049

CVE-2014-1567