CVE-2014-1499

Published: Mar 19, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

Affected (10)

Products: Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · Mozilla: Seamonkey, Firefox · Oracle: Solaris · +2 more

Show all products

Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · Mozilla: Seamonkey, Firefox · Oracle: Solaris · Opensuse: Opensuse · Opensuse Project: Opensuse

3 products

Linux Enterprise Desktop

Linux Enterprise Server

Linux Enterprise Software Development Kit

2 products

1 product

1 product

Opensuse Project

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Desktop	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Software Development Kit	Version 11 sp3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Seamonkey	Before 2.25

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Solaris	Version 11.3

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 28.0

Configuration E

3 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 13.1
Opensuse Project Opensuse	Version 11.4
Opensuse Project Opensuse	Version 12.3

References (16)

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2014/mfsa2014-19.html

Source: security@mozilla.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: security@mozilla.org

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=961512

Source: security@mozilla.org

Issue TrackingVendor Advisory

https://security.gentoo.org/glsa/201504-01

Source: security@mozilla.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2014/mfsa2014-19.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=961512

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://security.gentoo.org/glsa/201504-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.