CVE-2014-1551

Firefox < 31.0 and Firefox ESR < 24.7 - Use-After-Free via MathML Font Handling

Title source: llm

Description

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

References (7)

Core 7

Core References

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201504-01

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1030620

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1030619

Issue Tracking x_refsource_confirm

https://bugzilla.mozilla.org/show_bug.cgi?id=1018234

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/59760

Vendor Advisory x_refsource_confirm

http://www.mozilla.org/security/announce/2014/mfsa2014-59.html

Scores

EPSS 0.0541

EPSS Percentile 90.3%

Details

Status published

Products (20)

mozilla/firefox 24.0

mozilla/firefox 24.0.1

mozilla/firefox 24.0.2

mozilla/firefox 24.1.0

mozilla/firefox 24.1.1

mozilla/firefox < 30.0

mozilla/firefox_esr 24.2

mozilla/firefox_esr 24.3

mozilla/firefox_esr 24.4

mozilla/firefox_esr 24.5

... and 10 more

Published Jul 23, 2014

Tracked Since Feb 18, 2026