CVE-2014-1589

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Seamonkey
Vendor: CVE Published:; 11 December 2014

Summary

Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.

References

http://www.mozilla.org/security/announce/2014/mfsa2014-84...

x_refsource_CONFIRM

https://security.gentoo.org/glsa/201504-01

vendor-advisoryx_refsource_GENTOO

http://www.oracle.com/technetwork/topics/security/bulleti...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 11, 2014
Vulnerability Reserved
Jan 16, 2014