5
CVE-2014-1483
- EPSS 2.47%
- Veröffentlicht 06.02.2014 05:44:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version12.10
Canonical ≫ Ubuntu Linux Version13.10
Suse ≫ Suse Linux Enterprise Software Development Kit Version11.0 Updatesp3
Suse ≫ Linux Enterprise Desktop Version11 Updatesp3
Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-
Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.47% | 0.824 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-1021 Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://security.gentoo.org/glsa/201504-01
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html
http://secunia.com/advisories/56706
http://secunia.com/advisories/56767
http://secunia.com/advisories/56787
http://secunia.com/advisories/56888
http://www.securitytracker.com/id/1029717
http://www.securitytracker.com/id/1029720
http://www.ubuntu.com/usn/USN-2102-1
http://www.ubuntu.com/usn/USN-2102-2
https://8pecxstudios.com/?page_id=44080
http://osvdb.org/102869
http://www.mozilla.org/security/announce/2014/mfsa2014-05.html
http://www.securityfocus.com/bid/65316
https://bugzilla.mozilla.org/show_bug.cgi?id=950427
https://exchange.xforce.ibmcloud.com/vulnerabilities/90893