[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1483Date: (C)2014-02-11   (M)2024-03-27


Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
OSVDB-102869
SECTRACK-1029717
SECTRACK-1029720
SECUNIA-56706
SECUNIA-56767
SECUNIA-56787
SECUNIA-56888
BID-65316
GLSA-201504-01
SUSE-SU-2014:0248
USN-2102-1
USN-2102-2
firefox-cve20141483-info-disc(90893)
http://www.mozilla.org/security/announce/2014/mfsa2014-05.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://8pecxstudios.com/?page_id=44080
https://bugzilla.mozilla.org/show_bug.cgi?id=950427
openSUSE-SU-2014:0212
openSUSE-SU-2014:0419

OVAL    5
oval:org.secpod.oval:def:16742
oval:org.secpod.oval:def:16728
oval:org.secpod.oval:def:701564
oval:org.secpod.oval:def:16701
...

© SecPod Technologies