Lucene search

[email protected]CVE-2014-1501

HistoryMar 19, 2014 - 10:55 a.m.

CVE-2014-1501

2014-03-1910:55:06

CWE-264

[email protected]

web.nvd.nist.gov

mozilla

firefox

android

same origin policy

cve-2014-1501

nvd

8.9 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

56.1%

JSON

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the “Open Link in New Tab” menu selection.

Affected configurations

NVD

Node

oraclesolarisMatch11.3

Node

mozillafirefoxRange≤27.0.1

mozillafirefoxMatch0.1

mozillafirefoxMatch0.2

mozillafirefoxMatch0.3

mozillafirefoxMatch0.4

mozillafirefoxMatch0.5

mozillafirefoxMatch0.6

mozillafirefoxMatch0.6.1

mozillafirefoxMatch0.7

mozillafirefoxMatch0.7.1

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0preview_release

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillafirefoxMatch1.0.5

mozillafirefoxMatch1.0.6

mozillafirefoxMatch1.0.7

mozillafirefoxMatch1.0.8

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch1.5.0.9

mozillafirefoxMatch1.5.0.10

mozillafirefoxMatch1.5.0.11

mozillafirefoxMatch1.5.0.12

mozillafirefoxMatch1.5.1

mozillafirefoxMatch1.5.2

mozillafirefoxMatch1.5.3

mozillafirefoxMatch1.5.4

mozillafirefoxMatch1.5.5

mozillafirefoxMatch1.5.6

mozillafirefoxMatch1.5.7

mozillafirefoxMatch1.5.8

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillafirefoxMatch2.0.0.14

mozillafirefoxMatch2.0.0.15

mozillafirefoxMatch2.0.0.16

mozillafirefoxMatch2.0.0.17

mozillafirefoxMatch2.0.0.18

mozillafirefoxMatch2.0.0.19

mozillafirefoxMatch2.0.0.20

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.0.15

mozillafirefoxMatch3.0.16

mozillafirefoxMatch3.0.17

mozillafirefoxMatch3.0.18

mozillafirefoxMatch3.0.19

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillafirefoxMatch3.5.4

mozillafirefoxMatch3.5.5

mozillafirefoxMatch3.5.6

mozillafirefoxMatch3.5.7

mozillafirefoxMatch3.5.8

mozillafirefoxMatch3.5.9

mozillafirefoxMatch3.5.10

mozillafirefoxMatch3.5.11

mozillafirefoxMatch3.5.12

mozillafirefoxMatch3.5.13

mozillafirefoxMatch3.5.14

mozillafirefoxMatch3.5.15

mozillafirefoxMatch3.5.16

mozillafirefoxMatch3.5.17

mozillafirefoxMatch3.5.18

mozillafirefoxMatch3.5.19

mozillafirefoxMatch3.6

mozillafirefoxMatch3.6.2

mozillafirefoxMatch3.6.3

mozillafirefoxMatch3.6.4

mozillafirefoxMatch3.6.6

mozillafirefoxMatch3.6.7

mozillafirefoxMatch3.6.8

mozillafirefoxMatch3.6.9

mozillafirefoxMatch3.6.10

mozillafirefoxMatch3.6.11

mozillafirefoxMatch3.6.12

mozillafirefoxMatch3.6.13

mozillafirefoxMatch3.6.14

mozillafirefoxMatch3.6.15

mozillafirefoxMatch3.6.16

mozillafirefoxMatch3.6.17

mozillafirefoxMatch3.6.18

mozillafirefoxMatch3.6.19

mozillafirefoxMatch3.6.20

mozillafirefoxMatch3.6.21

mozillafirefoxMatch3.6.22

mozillafirefoxMatch3.6.23

mozillafirefoxMatch3.6.24

mozillafirefoxMatch3.6.25

mozillafirefoxMatch3.6.26

mozillafirefoxMatch3.6.27

mozillafirefoxMatch3.6.28

mozillafirefoxMatch4.0

mozillafirefoxMatch4.0beta1

mozillafirefoxMatch4.0beta10

mozillafirefoxMatch4.0beta11

mozillafirefoxMatch4.0beta12

mozillafirefoxMatch4.0beta2

mozillafirefoxMatch4.0beta3

mozillafirefoxMatch4.0beta4

mozillafirefoxMatch4.0beta5

mozillafirefoxMatch4.0beta6

mozillafirefoxMatch4.0beta7

mozillafirefoxMatch4.0beta8

mozillafirefoxMatch4.0beta9

mozillafirefoxMatch4.0.1

mozillafirefoxMatch5.0

mozillafirefoxMatch5.0.1

mozillafirefoxMatch6.0

mozillafirefoxMatch6.0.1

mozillafirefoxMatch6.0.2

mozillafirefoxMatch7.0

mozillafirefoxMatch7.0.1

mozillafirefoxMatch8.0

mozillafirefoxMatch8.0.1

mozillafirefoxMatch9.0

mozillafirefoxMatch9.0.1

mozillafirefoxMatch10.0

mozillafirefoxMatch10.0.1

mozillafirefoxMatch10.0.2

mozillafirefoxMatch10.0.3

mozillafirefoxMatch10.0.4

mozillafirefoxMatch10.0.5

mozillafirefoxMatch10.0.6

mozillafirefoxMatch10.0.7

mozillafirefoxMatch10.0.8

mozillafirefoxMatch10.0.9

mozillafirefoxMatch10.0.10

mozillafirefoxMatch10.0.11

mozillafirefoxMatch10.0.12

mozillafirefoxMatch11.0

mozillafirefoxMatch12.0

mozillafirefoxMatch12.0beta6

mozillafirefoxMatch13.0

mozillafirefoxMatch13.0.1

mozillafirefoxMatch14.0

mozillafirefoxMatch14.0.1

mozillafirefoxMatch15.0

mozillafirefoxMatch15.0.1

mozillafirefoxMatch16.0

mozillafirefoxMatch16.0.1

mozillafirefoxMatch16.0.2

mozillafirefoxMatch17.0.2

mozillafirefoxMatch17.0.3

mozillafirefoxMatch17.0.4

mozillafirefoxMatch17.0.5

mozillafirefoxMatch17.0.6

mozillafirefoxMatch17.0.7

mozillafirefoxMatch17.0.8

mozillafirefoxMatch17.0.9

mozillafirefoxMatch17.0.10

mozillafirefoxMatch17.0.11

mozillafirefoxMatch18.0

mozillafirefoxMatch18.0.1

mozillafirefoxMatch18.0.2

mozillafirefoxMatch19.0

mozillafirefoxMatch19.0.1

mozillafirefoxMatch19.0.2

mozillafirefoxMatch20.0

mozillafirefoxMatch20.0.1

mozillafirefoxMatch21.0

mozillafirefoxMatch23.0

mozillafirefoxMatch23.0.1

mozillafirefoxMatch24.0

mozillafirefoxMatch24.1

mozillafirefoxMatch24.1.1

mozillafirefoxMatch25.0

mozillafirefoxMatch25.0.1

mozillafirefoxMatch26.0

mozillafirefoxMatch27.0

AND

googleandroid

Node

suselinux_enterprise_desktopMatch11sp3

suselinux_enterprise_serverMatch11sp3

suselinux_enterprise_serverMatch11sp3vmware

suselinux_enterprise_software_development_kitMatch11sp3

CPENameOperatorVersion
oracle:solarisoracle solariseq11.3

CPE	Name	Operator	Version
oracle:solaris	oracle solaris	eq	11.3

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

www.mozilla.org/security/announce/2014/mfsa2014-21.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

bugzilla.mozilla.org/show_bug.cgi?id=960135

8.9 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

56.1%

JSON

Related for CVE-2014-1501

openvas3 prion1 ubuntucve1 mozilla1 nvd1 cvelist1 nessus3 suse1 freebsd1 securityvulns1