Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://8pecxstudios.com/?page_id=44080 - Broken Link, URL Repurposed |
Information
Published : 2014-02-06 05:44
Updated : 2024-02-14 01:17
NVD link : CVE-2014-1483
Mitre link : CVE-2014-1483
CVE.ORG link : CVE-2014-1483
JSON object : View
Products Affected
suse
- linux_enterprise_desktop
- suse_linux_enterprise_software_development_kit
- linux_enterprise_server
canonical
- ubuntu_linux
mozilla
- seamonkey
- firefox
opensuse
- opensuse
oracle
- solaris
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames