{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2762?format=json","vulnerability_id":"VCID-wyhd-jvb3-73fd","summary":"Mozilla community member James Kitchener reported a crash in\nDirectWrite when rendering MathML content with specific fonts due to an error in\nhow font resources and tables are handled. This leads to use-after-free of a\nDirectWrite font-face object, resulting in a potentially exploitable crash.\nThis issue is limited to the Windows platform and does not\naffect OS X or Linux systems. In general this flaw cannot be exploited through \nemail in the Thunderbird product because scripting is disabled, but is potentially \na risk in browser or browser-like contexts.","aliases":[{"alias":"CVE-2014-1551"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1142?format=json","purl":"pkg:mozilla/Firefox@31.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@31.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1144?format=json","purl":"pkg:mozilla/Firefox%20ESR@24.7.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@24.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1145?format=json","purl":"pkg:mozilla/Thunderbird@24.7.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@24.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1143?format=json","purl":"pkg:mozilla/Thunderbird@31.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@31.0.0"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1551","reference_id":"CVE-2014-1551","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1551"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2014-59","reference_id":"mfsa2014-59","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2014-59"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyhd-jvb3-73fd"}