CVE-2014-1488

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0450%

EPSS Percentile17.73th

PublishedFeb 6, 2014

Last ModifiedApr 29, 2026

Vulnerability Description

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

Affected Platforms (CPE)

📦

Mozilla

Firefox

< 27.0

📦

Mozilla

Seamonkey

< 2.24

💻

Canonical

Ubuntu Linux

= 12.04

💻

Canonical

Ubuntu Linux

= 12.10

💻

Canonical

Ubuntu Linux

= 13.10

💻

Oracle

Solaris

= 11.3

💻

Opensuse

= 12.3

💻

Opensuse

= 13.1

💻

Suse

Linux Enterprise Desktop

= 11

💻

Suse

Linux Enterprise Server

= 11

💻

Suse

Linux Enterprise Server

= 11

💻

Suse

Linux Enterprise Software Development Kit

= 11

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

🔗 http://osvdb.org/102875

🔗 http://secunia.com/advisories/56706

🔗 http://secunia.com/advisories/56767

🔗 http://secunia.com/advisories/56787

🔗 http://secunia.com/advisories/56888

Vulnerability Description

Affected Platforms (CPE)

Firefox

Seamonkey

Ubuntu Linux

Ubuntu Linux

Ubuntu Linux

Solaris

Opensuse

Opensuse

Linux Enterprise Desktop

Linux Enterprise Server

Linux Enterprise Server

Linux Enterprise Software Development Kit

References & Advisories

Related Vulnerabilities