{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-22T00:00:00", "descriptions": [{"lang": "en", "value": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T20:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"name": "59719", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59719"}, {"name": "60083", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60083"}, {"name": "60621", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60621"}, {"name": "68824", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68824"}, {"name": "GLSA-201504-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201504-01"}, {"name": "60306", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60306"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://linux.oracle.com/errata/ELSA-2014-0918.html"}, {"name": "1030620", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030620"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805"}, {"name": "DSA-2996", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2996"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html"}, {"name": "1030619", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030619"}, {"name": "60486", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60486"}, {"name": "60628", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60628"}, {"name": "DSA-2986", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2986"}, {"name": "59760", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59760"}, {"name": "59591", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59591"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2014-1557", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "59719", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59719"}, {"name": "60083", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60083"}, {"name": "60621", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60621"}, {"name": "68824", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68824"}, {"name": "GLSA-201504-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201504-01"}, {"name": "60306", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60306"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"name": "http://linux.oracle.com/errata/ELSA-2014-0918.html", "refsource": "CONFIRM", "url": "http://linux.oracle.com/errata/ELSA-2014-0918.html"}, {"name": "1030620", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030620"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805"}, {"name": "DSA-2996", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2996"}, {"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html"}, {"name": "1030619", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030619"}, {"name": "60486", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60486"}, {"name": "60628", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60628"}, {"name": "DSA-2986", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2986"}, {"name": "59760", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59760"}, {"name": "59591", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59591"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:42:36.307Z"}, "title": "CVE Program Container", "references": [{"name": "59719", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59719"}, {"name": "60083", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60083"}, {"name": "60621", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60621"}, {"name": "68824", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/68824"}, {"name": "GLSA-201504-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201504-01"}, {"name": "60306", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60306"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://linux.oracle.com/errata/ELSA-2014-0918.html"}, {"name": "1030620", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1030620"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805"}, {"name": "DSA-2996", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2996"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html"}, {"name": "1030619", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1030619"}, {"name": "60486", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60486"}, {"name": "60628", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60628"}, {"name": "DSA-2986", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2986"}, {"name": "59760", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59760"}, {"name": "59591", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59591"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2014-1557", "datePublished": "2014-07-23T10:00:00", "dateReserved": "2014-01-16T00:00:00", "dateUpdated": "2024-08-06T09:42:36.307Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BD70C79-7EA7-49CB-B3D6-6C77E0C55BB4", "versionEndIncluding": "30.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "4142C9EE-7094-4CD5-A781-30B91AF28855", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4DE4CBB-6604-4AF2-B499-06BCD9E213C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "70ECF11D-B5D0-4EBA-9E1F-0978AF7C7818", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2E063254-A0BA-4804-8149-E9CA29CBA8F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B252A215-308E-4B4C-9D7F-BA21A7D22CF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*", "matchCriteriaId": "A237D8D8-5656-4537-AD08-30CB8B4DAD63", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*", "matchCriteriaId": "04B61AC7-E951-407F-A62E-490F9FEDE9C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*", "matchCriteriaId": "A9F70319-C8E4-4F54-9449-B0C3A59BF7C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*", "matchCriteriaId": "9CAD5F3B-54D7-425B-89D2-A3A86DE31BAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:*", "matchCriteriaId": "44D4B068-3456-4748-94BE-ACBA6A026570", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0B063ED-8BD8-4E14-8990-D23CCB0A20BB", "versionEndIncluding": "24.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CCAFDF1-10BB-4AB0-9C9D-E99DDBA901BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "31EE89B8-705F-4A05-9015-3D6E81D394E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*", "matchCriteriaId": "E30AE3D4-6A3E-435E-BDBF-1A9A17297433", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B0C705A0-62C0-485A-A077-C7DD426F80B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*", "matchCriteriaId": "66C802A7-E4D5-4D2D-9CE8-749A75DF7461", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*", "matchCriteriaId": "4E8A57FA-AC27-4288-8E42-97DECF3B993C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*", "matchCriteriaId": "1D474B11-98D0-41A3-A98B-CFB6955264AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:*", "matchCriteriaId": "6BBD940E-9EF0-460B-A721-E70C719F2244", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image."}, {"lang": "es", "value": "La funci\u00f3n ConvolveHorizontally en Skia, utilizado en Mozilla Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, no maneja debidamente el descarte de datos de im\u00e1genes durante la ejecuci\u00f3n de la funci\u00f3n, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la provocaci\u00f3n del escalado prolongado de im\u00e1genes, tal y como fue demostrado mediante el escalado de un imagen de alta calidad."}], "id": "CVE-2014-1557", "lastModified": "2017-01-07T02:59:39.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-23T11:12:43.217", "references": [{"source": "security@mozilla.org", "url": "http://linux.oracle.com/errata/ELSA-2014-0918.html"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/59591"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/59719"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/59760"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/60083"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/60306"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/60486"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/60621"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/60628"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2986"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2996"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"source": "security@mozilla.org", "url": "http://www.securityfocus.com/bid/68824"}, {"source": "security@mozilla.org", "url": "http://www.securitytracker.com/id/1030619"}, {"source": "security@mozilla.org", "url": "http://www.securitytracker.com/id/1030620"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805"}, {"source": "security@mozilla.org", "url": "https://security.gentoo.org/glsa/201504-01"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Mozilla project for reporting this issue. Upstream acknowledges Mozilla community member John as the original reporter.", "affected_release": [{"advisory": "RHSA-2014:0918", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "thunderbird-0:24.7.0-1.el5_10", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2014-07-22T00:00:00Z"}, {"advisory": "RHSA-2014:0919", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "firefox-0:24.7.0-1.el5_10", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2014-07-22T00:00:00Z"}, {"advisory": "RHSA-2014:0918", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:24.7.0-1.el6_5", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-07-22T00:00:00Z"}, {"advisory": "RHSA-2014:0919", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:24.7.0-1.el6_5", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-07-22T00:00:00Z"}, {"advisory": "RHSA-2014:0919", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:24.7.0-1.el7_0", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-07-22T00:00:00Z"}, {"advisory": "RHSA-2014:0919", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "xulrunner-0:24.7.0-1.el7_0", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-07-22T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)", "id": "1121479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121479"}, "csaw": false, "cvss": {"cvss_base_score": "5.1", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-672", "details": ["The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image."], "name": "CVE-2014-1557", "public_date": "2014-07-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-1557\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-1557\nhttp://www.mozilla.org/security/announce/2014/mfsa2014-64.html"], "threat_severity": "Moderate"}