CVE-2014-1541
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0196 (2.0%)
Percentil: 83.6%
EPSS: 2026-05-06
Afecta
mozilla:thunderbirdmozilla:firefoxmozilla:firefox_esrDescripción técnica
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Publicada: 11/6/2014, 10:57:17
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://linux.oracle.com/errata/ELSA-2014-0741.html
- http://linux.oracle.com/errata/ELSA-2014-0742.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html
- http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html
- http://rhn.redhat.com/errata/RHSA-2014-0741.html