Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2014-1576

Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.

  • Published: Oct 15, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-1576
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
mozilla / thunderbird 31.0 31.0.x
mozilla / thunderbird 31.1.0 31.1.0.x
mozilla / firefox_esr 31.1.0 31.1.0.x
mozilla / firefox_esr 31.0 31.0.x
mozilla / firefox - 32.0.x
mozilla / firefox 31.0 31.0.x
mozilla / firefox 30.0 30.0.x
mozilla / firefox 31.1.0 31.1.0.x