CVE-2014-1489
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 8.6 / Impact: 2.9
Source: NVD
Description
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
Affected (225)
Products: Oracle: Solaris · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · Mozilla: Firefox · +3 more
Show all products
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11 sp3 | |
| Version 11 sp3 | |
| Version 11 sp3 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 13.1 | |
| Version 12.3 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.04 |
Related CWEs
References (26)
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: security@mozilla.org
Issue TrackingVendor Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.