CVE-2014-1499

EPSS 0.61%
Published 19.03.2014 10:55:06
Last modified 12.04.2025 10:46:40
Source security@mozilla.org
Teams watchlist Login
Open Login

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Suse ≫ Linux Enterprise Desktop Version11 Updatesp3

Suse ≫ Linux Enterprise Server Version11 Updatesp3

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp3

Mozilla ≫ Seamonkey Version < 2.25

Oracle ≫ Solaris Version11.3

Mozilla ≫ Firefox Version < 28.0

Opensuse ≫ Opensuse Version13.1

Opensuse Project ≫ Opensuse Version11.4

Opensuse Project ≫ Opensuse Version12.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.61%	0.673

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Third Party Advisory

https://security.gentoo.org/glsa/201504-01

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Third Party Advisory

Mailing List

http://www.mozilla.org/security/announce/2014/mfsa2014-19.html

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=961512

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2014-1499

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-1499

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-1499

EUVD