CVE-2014-1479

Priority
Medium
Description
The System Only Wrapper (SOW) implementation in Mozilla Firefox before
27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey
before 2.24 does not prevent certain cloning operations, which allows
remote attackers to bypass intended restrictions on XUL content via vectors
involving XBL content scopes.
References
Assigned-to
chrisccoulson
Package
Upstream:released (24.3.0)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):released (1:24.3.0+build2-0ubuntu0.12.04.1)
Ubuntu 12.10 (Quantal Quetzal):released (1:24.3.0+build2-0ubuntu0.12.10.1)
Ubuntu 13.10 (Saucy Salamander):released (1:24.3.0+build2-0ubuntu0.13.10.1)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:24.4.0+build1-0ubuntu1)
Package
Upstream:released (27.0)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):released (27.0+build1-0ubuntu0.12.04.1)
Ubuntu 12.10 (Quantal Quetzal):released (27.0+build1-0ubuntu0.12.10.1)
Ubuntu 13.10 (Saucy Salamander):released (27.0+build1-0ubuntu0.13.10.1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2014-03-25 19:14:36 UTC (commit 7872)