Lucene search
K

27 matches found

prion
prion
added 2014/10/15 10:55 a.m.25 views

Design/Logic Flaw

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm...

5CVSS6.6AI score0.0281EPSS
Exploits0References18Affected Software2
cve
cve
added 2014/10/15 10:0 a.m.126 views

CVE-2014-1583

CVE-2014-1583 affects Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2; the Alarm API’s toJSON calls were not properly restricted, allowing remote attackers to bypass the Same Origin Policy by crafting API calls to access sensitive information in an alarm’s JSON data. Impact is cross-...

5CVSS9AI score0.0281EPSS
Exploits0References18Affected Software1
redhat
redhat
added 2014/10/15 2:39 a.m.4 views

Mozilla: Accessing cross-origin objects via the Alarms API (MFSA 2014-82)

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm...

5CVSS6.9AI score0.0281EPSS
Exploits0References5
nessus
nessus
added 2014/10/15 12:0 a.m.32 views

RHEL 6 / 7 : firefox (RHSA-2014:1635)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1635 advisory. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were...

7.5CVSS8.2AI score0.04991EPSS
Exploits0References16
nessus
nessus
added 2014/10/15 12:0 a.m.46 views

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2372-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2372-1 advisory. Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden...

7.5CVSS8.5AI score0.0527EPSS
Exploits1References13
osv
osv
added 2014/10/14 12:0 a.m.4 views

UBUNTU-CVE-2014-1583

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm...

5CVSS6.9AI score0.0281EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2014/10/14 12:0 a.m.26 views

CVE-2014-1583

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm...

5CVSS6.9AI score0.0281EPSS
Exploits0References3
Rows per page
Query Builder