Search for vulnerabilities
Vulnerability details: VCID-x6eg-dt6c-cucv
Vulnerability ID VCID-x6eg-dt6c-cucv
Aliases CVE-2014-1593
Summary Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a buffer overflow during the parsing of media content. This leads to a potentially exploitable crash. In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
System Score Found at
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
epss 0.0211 https://api.first.org/data/v1/epss?cve=CVE-2014-1593
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2014-88
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1593.json
https://api.first.org/data/v1/epss?cve=CVE-2014-1593
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
1169209 https://bugzilla.redhat.com/show_bug.cgi?id=1169209
CVE-2014-1593 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593
mfsa2014-88 https://www.mozilla.org/en-US/security/advisories/mfsa2014-88
RHSA-2014:1919 https://access.redhat.com/errata/RHSA-2014:1919
RHSA-2014:1924 https://access.redhat.com/errata/RHSA-2014:1924
USN-2424-1 https://usn.ubuntu.com/2424-1/
USN-2428-1 https://usn.ubuntu.com/2428-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.8339
EPSS Score 0.0211
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:10:45.789244+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-88.md 37.0.0