Unrated severityNVD Advisory· Published Jun 11, 2014· Updated Jun 17, 2026
CVE-2014-1540
CVE-2014-1540
Description
Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=29.0.1
- (no CPE)range: <30.0
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
Patches
Vulnerability mechanics
References
14- www.mozilla.org/security/announce/2014/mfsa2014-51.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2014-06/msg00040.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-07/msg00001.htmlnvd
- secunia.com/advisories/59052nvd
- secunia.com/advisories/59171nvd
- secunia.com/advisories/59387nvd
- secunia.com/advisories/59486nvd
- secunia.com/advisories/59866nvd
- www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlnvd
- www.securityfocus.com/bid/67978nvd
- www.securitytracker.com/id/1030388nvd
- www.ubuntu.com/usn/USN-2243-1nvd
- bugzilla.mozilla.org/show_bug.cginvd
- security.gentoo.org/glsa/201504-01nvd
News mentions
0No linked articles in our index yet.