CVE-2014-1583 in Mozilla Firefoxinformation

Résumé (Anglaise)

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.

Réserver

16/01/2014

Divulgation

15/10/2014

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
67804	Mozilla Firefox AlarmAPI buffer overflow	416	Non prouvée	Correctif officiel	CVE-2014-1583

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!