JVN/CVE Demo: Cveinfos

CVE

Id: 68833
CVE No.: CVE-2014-1538
Status: Candidate
Description: Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Phase: Assigned (20140116)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
661605	68833	CVE-2014-1538	CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-49.html	View
661606	68833	CVE-2014-1538	CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=1005584	View
661607	68833	CVE-2014-1538	CONFIRM:http://linux.oracle.com/errata/ELSA-2014-0741.html	View
661608	68833	CVE-2014-1538	CONFIRM:http://linux.oracle.com/errata/ELSA-2014-0742.html	View
661609	68833	CVE-2014-1538	CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	View
661610	68833	CVE-2014-1538	GENTOO:GLSA-201504-01	View
661611	68833	CVE-2014-1538	URL:https://security.gentoo.org/glsa/201504-01	View
661612	68833	CVE-2014-1538	SUSE:openSUSE-SU-2014:0855	View
661613	68833	CVE-2014-1538	URL:http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html	View
661614	68833	CVE-2014-1538	SUSE:openSUSE-SU-2014:0858	View
661615	68833	CVE-2014-1538	URL:http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html	View
661616	68833	CVE-2014-1538	BID:67976	View
661617	68833	CVE-2014-1538	URL:http://www.securityfocus.com/bid/67976	View
661618	68833	CVE-2014-1538	SECTRACK:1030386	View
661619	68833	CVE-2014-1538	URL:http://www.securitytracker.com/id/1030386	View
661620	68833	CVE-2014-1538	SECTRACK:1030388	View
661621	68833	CVE-2014-1538	URL:http://www.securitytracker.com/id/1030388	View
661622	68833	CVE-2014-1538	SECUNIA:58984	View
661623	68833	CVE-2014-1538	URL:http://secunia.com/advisories/58984	View
661624	68833	CVE-2014-1538	SECUNIA:59052	View
661625	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59052	View
661626	68833	CVE-2014-1538	SECUNIA:59149	View
661627	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59149	View
661628	68833	CVE-2014-1538	SECUNIA:59150	View
661629	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59150	View
661630	68833	CVE-2014-1538	SECUNIA:59165	View
661631	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59165	View
661632	68833	CVE-2014-1538	SECUNIA:59169	View
661633	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59169	View
661634	68833	CVE-2014-1538	SECUNIA:59170	View
661635	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59170	View
661636	68833	CVE-2014-1538	SECUNIA:59171	View
661637	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59171	View
661638	68833	CVE-2014-1538	SECUNIA:59229	View
661639	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59229	View
661640	68833	CVE-2014-1538	SECUNIA:59275	View
661641	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59275	View
661642	68833	CVE-2014-1538	SECUNIA:59866	View
661643	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59866	View
661644	68833	CVE-2014-1538	SECUNIA:59377	View
661645	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59377	View
661646	68833	CVE-2014-1538	SECUNIA:59387	View
661647	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59387	View
661648	68833	CVE-2014-1538	SECUNIA:59328	View
661649	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59328	View
661650	68833	CVE-2014-1538	SECUNIA:59425	View
661651	68833	CVE-2014-1538	URL:http://secunia.com/advisories/59425	View
661652	68833	CVE-2014-1538	SECUNIA:59486	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
14933	JVNDB-2014-003808	Bugzilla の jsonrpc.cgi の WebService/Server/JSONRPC.pm の JSONP エンドポイント内の response 関数におけるクロスサイトリクエストフォージェリ攻撃を実行される脆弱性	Bugzilla の jsonrpc.cgi の WebService/Server/JSONRPC.pm の JSONP エンドポイント内の response 関数は、特定の過度に長いコールバック値を受け入れ、JSONP レスポンスの最初のバイトを制限しないため、クロスサイトリクエストフォージェリ攻撃を実行され、重要な情報を取得される脆弱性が存在します。	CVE-2014-1546	68833	4.3		http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003808.html	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.32 MB
View render complete	2.81 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	8.14
Event: Controller.initialize	0.03
Event: Controller.startup	0.18
Controller action	396.05
Event: Controller.beforeRender	5.24
» Processing toolbar data	5.14
Rendering View	16.81
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	15.28
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.98
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.15
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/68833
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/68833
Remote Port	62200
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.30
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.133.73
Http Via	1.1 squid-proxy-5b5d847c96-44pb5 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.30
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.30
Unique Id	aIlREtVPlY3Uutcg_h_5bAAAATQ
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.30
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.30
Redirect Unique Id	aIlREtVPlY3Uutcg_h_5bAAAATQ
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.30
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.30
Redirect Redirect Unique Id	aIlREtVPlY3Uutcg_h_5bAAAATQ
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753829650.8697
Request Time	1753829650

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files