Denial of Service Vulnerability in Mozilla Firefox and Related Products
CVE-2014-1590

Currently unrated

Key Information:

Vendor
Mozilla
Status
Firefox Esr
Firefox
Seamonkey
Thunderbird
Vendor
CVE Published:
11 December 2014

Summary

A vulnerability exists in the XMLHttpRequest.prototype.send method across various Mozilla products, allowing remote attackers to exploit a flaw that triggers application crashes. By sending a specially crafted JavaScript object, this flaw can lead to a denial of service, affecting the stability and usability of Mozilla Firefox, Thunderbird, and SeaMonkey. Users are advised to update their applications to mitigate potential risks.

References

http://www.mozilla.org/security/announce/2014/mfsa2014-85...
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE
https://security.gentoo.org/glsa/201504-01
vendor-advisoryx_refsource_GENTOO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2014-1590 : Denial of Service Vulnerability in Mozilla Firefox and Related Products | SecurityVulnerability.io