CVE-2014-1483

Priority
Medium
Description
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote
attackers to bypass the Same Origin Policy and obtain sensitive information
by using an IFRAME element in conjunction with certain timing measurements
involving the document.caretPositionFromPoint and document.elementFromPoint
functions.
References
Assigned-to
chrisccoulson
Package
Upstream:released (27.0)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):released (27.0+build1-0ubuntu0.12.04.1)
Ubuntu 12.10 (Quantal Quetzal):released (27.0+build1-0ubuntu0.12.10.1)
Ubuntu 13.10 (Saucy Salamander):released (27.0+build1-0ubuntu0.13.10.1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2014-02-19 19:14:32 UTC (commit 7760)