Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-8636
HistoryJan 14, 2015 - 12:00 a.m.

CVE-2014-8636

2015-01-1400:00:00
ubuntu.com
ubuntu.com
6

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.937 High

EPSS

Percentile

99.1%

The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey
before 2.32 does not properly interact with a DOM object that has a named
getter, which might allow remote attackers to execute arbitrary JavaScript
code with chrome privileges via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 35.0+build3-0ubuntu0.12.04.2UNKNOWN
ubuntu14.04noarchfirefox< 35.0+build3-0ubuntu0.14.04.2UNKNOWN
ubuntu14.10noarchfirefox< 35.0+build3-0ubuntu0.14.10.2UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.937 High

EPSS

Percentile

99.1%

Related for UB:CVE-2014-8636