Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://8pecxstudios.com/?page_id=44080 - Broken Link, URL Repurposed |
Information
Published : 2014-02-06 05:44
Updated : 2024-02-28 12:20
NVD link : CVE-2014-1483
Mitre link : CVE-2014-1483
CVE.ORG link : CVE-2014-1483
JSON object : View
Products Affected
opensuse
- opensuse
oracle
- solaris
mozilla
- firefox
- seamonkey
suse
- suse_linux_enterprise_software_development_kit
- linux_enterprise_server
- linux_enterprise_desktop
canonical
- ubuntu_linux
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames