Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-1529

Опубликовано: 30 апр. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 9.3
CVSS3: 8.8

Описание

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

РелизСтатусПримечание
devel

not-affected

29.0+build1-0ubuntu0.14.04.2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [29.0+build1-0ubuntu0.14.04.2]]
lucid

ignored

end of life
precise

released

29.0+build1-0ubuntu0.12.04.2
quantal

released

29.0+build1-0ubuntu0.12.10.3
saucy

released

29.0+build1-0ubuntu0.13.10.3
trusty

released

29.0+build1-0ubuntu0.14.04.2
trusty/esm

DNE

trusty was released [29.0+build1-0ubuntu0.14.04.2]
upstream

released

29.0

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1:24.5.0+build1-0ubuntu0.14.04.1]]
lucid

ignored

end of life
precise

released

1:24.5.0+build1-0ubuntu0.12.04.1
quantal

released

1:24.5.0+build1-0ubuntu0.12.10.1
saucy

released

1:24.5.0+build1-0ubuntu0.13.10.1
trusty

released

1:24.5.0+build1-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1:24.5.0+build1-0ubuntu0.14.04.1]
upstream

released

24.5.0

Показывать по

EPSS

Процентиль: 75%
0.00906
Низкий

9.3 Critical

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat
больше 11 лет назад

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

CVSS3: 8.8
nvd
больше 11 лет назад

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

CVSS3: 8.8
debian
больше 11 лет назад

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 2 ...

CVSS3: 8.8
github
около 3 лет назад

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

fstec
больше 11 лет назад

Уязвимость программного пакета SeaMonkey, позволяющая удаленному злоумышленнику выполнить произвольный код

EPSS

Процентиль: 75%
0.00906
Низкий

9.3 Critical

CVSS2

8.8 High

CVSS3