Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-kway-xy2z-5fak
Vulnerability ID VCID-kway-xy2z-5fak
Aliases CVE-2014-1555
Summary security update
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
epss 0.03359 https://api.first.org/data/v1/epss?cve=CVE-2014-1555
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2014-1555
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2014-61
Reference id Reference type URL
http://linux.oracle.com/errata/ELSA-2014-0918.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1555.json
https://api.first.org/data/v1/epss?cve=CVE-2014-1555
https://bugzilla.mozilla.org/show_bug.cgi?id=1023121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557
http://secunia.com/advisories/59591
http://secunia.com/advisories/59719
http://secunia.com/advisories/59760
http://secunia.com/advisories/60083
http://secunia.com/advisories/60306
http://secunia.com/advisories/60486
http://secunia.com/advisories/60621
http://secunia.com/advisories/60628
http://www.debian.org/security/2014/dsa-2986
http://www.debian.org/security/2014/dsa-2996
http://www.mozilla.org/security/announce/2014/mfsa2014-61.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/68814
http://www.securitytracker.com/id/1030619
http://www.securitytracker.com/id/1030620
1121476 https://bugzilla.redhat.com/show_bug.cgi?id=1121476
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:24.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:24.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:*
CVE-2014-1555 https://nvd.nist.gov/vuln/detail/CVE-2014-1555
GLSA-201504-01 https://security.gentoo.org/glsa/201504-01
mfsa2014-61 https://www.mozilla.org/en-US/security/advisories/mfsa2014-61
RHSA-2014:0918 https://access.redhat.com/errata/RHSA-2014:0918
RHSA-2014:0919 https://access.redhat.com/errata/RHSA-2014:0919
USN-2295-1 https://usn.ubuntu.com/2295-1/
USN-2296-1 https://usn.ubuntu.com/2296-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2014-1555
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87292
EPSS Score 0.03359
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:10:22.474963+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.0.0