CVE-2014-1589 Information

Description

Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace which allows remote attackers to bypass intended access restrictions via an XBL binding.

Reference

http://www.mozilla.org/security/announce/2014/mfsa2014-84.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=1043787 https://security.gentoo.org/glsa/201504-01