|
|||
Rule General Information |
---|
Release Date: | 2019-06-26 | |
Rule Name: | Mozilla Firefox WebIDL Privilege Escalation Vulnerability (CVE-2014-1510) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | |
Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
Reference: | SecurityFocusBID:66206 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.mozilla.org/security/announce/2014/mfsa2014-29.html |