CVE-2014-1483

First published: Thu Feb 06 2014(Updated: )

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

Credit: security@mozilla.org security@mozilla.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/first-publish-date
• agent/references
• agent/severity
• agent/weakness
• agent/description
• agent/author
• agent/last-modified-date
• agent/event
• agent/tags
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• collector/nvd-index
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• vendor/oracle
• canonical/oracle solaris
• version/oracle solaris/11.3
• vendor/canonical
• canonical/canonical ubuntu linux
• version/canonical ubuntu linux/12.04
• version/canonical ubuntu linux/12.10
• version/canonical ubuntu linux/13.10
• vendor/mozilla
• canonical/mozilla firefox
• canonical/mozilla seamonkey
• vendor/suse
• canonical/suse suse linux enterprise software development kit
• version/suse suse linux enterprise software development kit/11.0-sp3
• vendor/opensuse
• canonical/opensuse opensuse
• version/opensuse opensuse/11.4
• version/opensuse opensuse/12.3
• version/opensuse opensuse/13.1
• canonical/suse linux enterprise desktop
• version/suse linux enterprise desktop/11-sp3
• canonical/suse linux enterprise server
• version/suse linux enterprise server/11-sp3