Your submission was sent successfully! Close

CVE-2014-1481

Published: 04 February 2014

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (27.0)
thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (24.3.0)