Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2014-03-19T10:00:00

Updated: 2024-08-06T09:42:36.221Z

Reserved: 2014-01-16T00:00:00

Link: CVE-2014-1512

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2014-03-19T10:55:06.660

Modified: 2020-08-10T18:42:12.063

Link: CVE-2014-1512

cve-icon Redhat

Severity : Critical

Publid Date: 2014-03-18T00:00:00Z

Links: CVE-2014-1512 - Bugzilla