CVE-2014-1526

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Seamonkey
Vendor: CVE Published:; 30 April 2014

Summary

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.

References

http://lists.opensuse.org/opensuse-updates/2014-05/msg000...

vendor-advisoryx_refsource_SUSE

http://lists.opensuse.org/opensuse-updates/2014-05/msg000...

vendor-advisoryx_refsource_SUSE

http://www.mozilla.org/security/announce/2014/mfsa2014-47...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 30, 2014
Vulnerability Reserved
Jan 16, 2014