CVE-2014-1488

CVE Database · CVE-2014-1488

CVE-2014-1488

· N/AModified

CVSS v3.1

N/A

EPSS

7.00%

Published

Feb 6, 2014

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

Affected Products (12)

mozilla · firefox (up to 27.0)vulnerable

mozilla · seamonkey (up to 2.24)vulnerable

canonical · ubuntu_linuxvulnerable

oracle · solarisvulnerable

opensuse · opensusevulnerable

suse · linux_enterprise_desktopvulnerable

suse · linux_enterprise_server

References (20)

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html