CVE-2014-1483 Information

Feb 14, 2021 cve

Description

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

Reference

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://osvdb.org/102869 http://secunia.com/advisories/56706 http://secunia.com/advisories/56767 http://secunia.com/advisories/56787 http://secunia.com/advisories/56888 http://www.mozilla.org/security/announce/2014/mfsa2014-05.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/65316 http://www.securitytracker.com/id/1029717 http://www.securitytracker.com/id/1029720 http://www.ubuntu.com/usn/USN-2102-1 http://www.ubuntu.com/usn/USN-2102-2 https://8pecxstudios.com/?page_id=44080 https://bugzilla.mozilla.org/show_bug.cgi?id=950427 https://exchange.xforce.ibmcloud.com/vulnerabilities/90893 https://security.gentoo.org/glsa/201504-01

Share on: