CVE-2014-1555

High

9.3/10

Summary

Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

References

Advisory Timeline

Published Jul 23, 2014

CVE-2014-1555

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS