Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2014-07-23T10:00:00
Updated: 2024-08-06T09:42:36.185Z
Reserved: 2014-01-16T00:00:00
Link: CVE-2014-1544
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-07-23T11:12:42.777
Modified: 2017-01-07T02:59:38.673
Link: CVE-2014-1544
Redhat