CVE-2014-1544

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2014-1544

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-1544.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-1544

Downstream

DEBIAN-CVE-2014-1544

DLA-89-1

DSA-2986-1

DSA-2996-1

DSA-3071-1

RHSA-2014:0915

RHSA-2014:0916

RHSA-2014:0917

RHSA-2014:1165

UBUNTU-CVE-2014-1544

USN-2295-1

USN-2296-1

USN-2343-1

openSUSE-SU-2024:10071-1

openSUSE-SU-2024:10230-1

openSUSE-SU-2024:14572-1

Related

Withdrawn

2026-01-27T04:12:31.236237Z

Published

2014-07-23T11:12:42Z

Modified

2026-01-27T04:12:31.236237Z

Summary

[none]

Details

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

References

Affected packages