5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
75.5%
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla
Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x
before 31.2 does not properly recognize Stop Sharing actions for videos in
IFRAME elements, which allows remote attackers to obtain sensitive
information from the local camera by maintaining a session after the user
tries to discontinue streaming.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | firefox | < 33.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | firefox | < 33.0+build2-0ubuntu0.14.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | thunderbird | < 1:31.2.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | thunderbird | < 1:31.2.0+build2-0ubuntu0.14.04.1 | UNKNOWN |